4.0 out of 5 stars
Good IDS|Snort book, Aug. 13 2003
This book is an effective introduction to Intruder Detection, demonstrating how popular open-source tools can be used. I found the code samples, table, diagrams and screenshots to be clear and useful. I learned what I'd hoped to learn and feel empowered to set up an IDS myself. Plenty of links and resources when I want to learn more.
I read a few of the other reviews here after I read the book... especially Richard B's. I noticed some of the same techinical mistakes, but don't feel that they are a big deal. As a sr. software engineer and techinical editor, I always read critically, just mentally note them and continue. They aren't the kind of mistakes that make the code useless, or would confuse/mislead any level of reader. Another editing pass would help most books, and I none of the grammar mistakes annoy me - I read to learn what I can and move on, not to nitpick or get annoyed.
As far as 1.9 vs. 2.0, I've looked at the snort site and agree that the release is signficant, but it doesn't break backwards compatibility, so it doesn't make this book any less revelant. 2.0 seems to mostly change the backend implementation - *the application is used identically* so I suspect the vast majority of this book is unaffected. The Syngress book covers 2.0, yet so does the website, which hypes this two-times-more-expensive book. That book too will no doubt soon be superceded, so read whatever you buy immediately ;-)