• List Price: CDN$ 51.80
  • You Save: CDN$ 8.06 (16%)
Only 1 left in stock (more on the way).
Ships from and sold by Amazon.ca. Gift-wrap available.
Managing Security with Sn... has been added to your Cart
+ CDN$ 6.49 shipping
Used: Very Good | Details
Condition: Used: Very Good
Comment: This book is in very good condition and will be shipped within 24 hours of ordering. The cover may have some limited signs of wear but the pages are clean, intact and the spine remains undamaged. This book has clearly been well maintained and looked after thus far. Money back guarantee if you are not satisfied. See more of our deals.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Managing Security with Snort & IDS Tools Paperback – Aug 12 2004

See all 2 formats and editions Hide other formats and editions
Amazon Price
New from Used from
Kindle Edition
"Please retry"
"Please retry"
CDN$ 43.74
CDN$ 16.30 CDN$ 0.95

Unlimited FREE Two-Day Shipping for Six Months When You Try Amazon Student
click to open popover

No Kindle device required. Download one of the Free Kindle apps to start reading Kindle books on your smartphone, tablet, and computer.

  • Apple
  • Android
  • Windows Phone
  • Android

To get the free app, enter your mobile phone number.

Product Details

  • Paperback: 292 pages
  • Publisher: O'Reilly Media; 1 edition (Aug. 12 2004)
  • Language: English
  • ISBN-10: 0596006616
  • ISBN-13: 978-0596006617
  • Product Dimensions: 17.8 x 2 x 23.3 cm
  • Shipping Weight: 476 g
  • Average Customer Review: Be the first to review this item
  • Amazon Bestsellers Rank: #1,436,997 in Books (See Top 100 in Books)
  •  Would you like to update product info, give feedback on images, or tell us about a lower price?

  • See Complete Table of Contents

Product Description

About the Author

Kerry Cox is a knowledgeable and enthusiastic chief administrator/network engineer at Bonneville International/KSL Radio and Television where he manages 40 Red Hat Linux servers, as well as Solaris and FreeBSD, performing installation, patching, hardening, and maintenance. He also handles all Cisco routers, switches, PIX and Checkpoint firewalls, CSS load balancers, IDS sensors and consoles. Kerry has implemented open source solution for monitoring networks, architectures, server processes, and bandwidth. Previously, he worked at network communications companies and ISPs and is the author of two books by Prima: the Linux Productivity Administrator's Guide and Red Hat Linux Administrator's Guide.

Christopher Gerg CISSP, CHSP is the Network Security Manager for Berbee Information Networks. His IT career started with phone technical support for Microsoft s launch of Windows 95 and his MCSE dates back to NT 3.51. He s worked as a system and network administrator and has traveled extensively installing WANs and infrastructure for a variety of clients. Five years ago things changed Christopher discovered open-source operating systems (FreeBSD, Debian, and Suse are his favorites) and he s spent three years as a penetration tester with Berbee and then transitioned from attack to defend for the last two years. Christopher is responsible for the network security of two Enterprise-class datacenters, the customers located in them, and the network infrastructure that connects it all (Multiple OC-48 SONET rings and multiple OC-3 s to the Internet). He uses Snort to watch it all.In his free time, Christopher raises rugged mountain alpacas in the wind-swept mountains of South-Central Wisconsin.

Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star

Most Helpful Customer Reviews on Amazon.com (beta)

Amazon.com: 4.5 out of 5 stars 11 reviews
1 of 1 people found the following review helpful
4.0 out of 5 stars Great info on how to use SNORT properly Nov. 22 2008
By Joseph T. Page II - Published on Amazon.com
Format: Paperback Verified Purchase
O'reilly's books are awesome... and this is no different. Anything and everything on how to use SNORT properly is listed here. Rules and syntax are easy to implement. One downside comment; the title mentions SNORT and IDS tools; it dealt with SNORT heavily, and I didn't get a good coverage of "other" IDS tools... maybe O'reilly has something else in the works?
4.0 out of 5 stars Just what I needed Aug. 31 2007
By Daniel L. Miller - Published on Amazon.com
Format: Paperback Verified Purchase
The information I wanted when I bought this book is there. This book will be like my Unix in a Nut Shell book. Heavily used, heavily book marked, with dog eared pages as I keep going back to various sections for additional information.

That is the sign of a good book. Well used.

3 of 3 people found the following review helpful
4.0 out of 5 stars Snort made easy! March 9 2006
By Sean E. Connelly - Published on Amazon.com
Format: Paperback
O'Reilly's "Managing Security with Snort and IDS Tools" by Cox and Greg is a practical book that succinctly describes the basic functionality and utility of implanting Snort. The book does an excellent job at discussing the different configuration parameters when deploying Snort.

In particular, I was impressed by:

* Page 35 - A 5-page list detailing the different options available via the command-line.

* Page 69 - Details some of the techniques used to evade IDSs.

* Chapter 5's description of preprocessor configurations was a valuable tool to a newbie of UNIX.

* Chapter 10 description of ACID as a Snort IDS Management Console.

The only area I wish the authors expanded on was in Chapter 7 "Creating Your Own Rules". This area can easily be supplemented from documentation on the web.

The book has a natural bias toward elevating open source tools (I am fan of open source tools). Appreciating that fact, I must admit I have used this book when I have been describing the value of open source tools. Overall, I think "Managing Security with Snort and IDS Tools" is a valuable addition to anyone's Snort arsenal.

I give this book 4 pings out of 5:

13 of 14 people found the following review helpful
5.0 out of 5 stars One of the better discourses on Snort Dec 27 2004
By Harold McFarland - Published on Amazon.com
Format: Paperback
This is basically a book about intrusion detection using all open source tools. It starts with an introductory chapter that explains the problem of defining an intrusion and why it is becoming more and more of a problem. It follows up with a chapter on network traffic analysis including packet sniffing and using tcpdump and ethereal. Then comes the meat of the text - installing Snort. Of course to really understand how to use Snort you have to understand how attacks occur and the common methods used. The authors provide a really nice chapter on this subject. After that come five chapters on configuring, deploying, and managing Snort rules, intrusion prevention strategies, and tuning. Once Snort is up and running the authors examine the use of ACID and SnortCenter as Snort IDS management consoles. Either of these products drastically decreases the burden of analyzing what has happened and is happening on the intrusion detection forefront. The book ends with additional tools for Snort IDS management and implementation strategies for high-bandwidth situations.

There are other very good books on Snort but one of the things that makes this one particularly valuable is that it also looks at other open source tools and provides a good basic background on intrusion detection theory. Managing Security with Snort and IDS Tools is highly recommended for those in charge of intrusion detection and prevention in a network environment and planning to implement a system their self.
10 of 11 people found the following review helpful
5.0 out of 5 stars Excellent description of Snort Oct. 9 2004
By Eric Wuehler - Published on Amazon.com
Format: Paperback
Up to this point, I've only use simple firewalls for my home network. Not that I think there's anything really worth hacking on my home network, but I thought I'd spend a little time learning about intrusion detection. This book is great for several reasons. First, it is well put together and easy to follow. Second, it describes in detail the open source project Snort. Finally, it satisfied my curiosity about IDS (Intrusion detection systems) - I'm not an expert, but I now understand the concepts.

Even though the book did not mention OS X specifically, it was easy to get snort compiled and installed on my Mac. There were a few tweaks I had to do, but if you're familiar with "configure; make; make install", it should be a snap. (Likewise, fink or darwinports can get you going with Snort as well). Any other flavor of Unix/Linux would be that much easier to install.

Beyond just describing how to install and configure Snort, the book does go into some detail about how networks are attacked and how Snort goes about alerting you to possible intrusive behavior. There are also numerous reference to web sites and other books to find more information. It also goes into detail on various other tools that augment and complement Snort.

Very well done.