| | |  | Software Design, Testing & Engineering | Home » » » Managing Security with Snort and IDS Tools | | | | | | | Description: | | Intrusion detection is not for the faint at heart. But, if you are a network administrator chances are you're under increasing pressure to ensure that mission-critical systems are safe--in fact impenetrable--from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is a vital but daunting challenge. Because of this, a plethora of complex, sophisticated, and pricy software solutions are now available. In terms of raw power and features, SNORT, the most commonly used Open Source Intrusion Detection System, (IDS) has begun to eclipse many expensive proprietary IDSes. In terms of documentation or ease of use, however, SNORT can seem overwhelming. Which output plugin to use? How do you to email alerts to yourself? Most importantly, how do you sort through the immense amount of information Snort makes available to you? Many intrusion detection books are long on theory but short on specifics and practical examples. Not Managing Security with Snort and IDS Tools. This new book is a thorough, exceptionally practical guide to managing network security using Snort 2.1 (the latest release) and dozens of other high-quality open source other open source intrusion detection programs. Managing Security with Snort and IDS Tools covers reliable methods for detecting network intruders, from using simple packet sniffers to more sophisticated IDS (Intrusion Detection Systems) applications and the GUI interfaces for managing them. A comprehensive but concise guide for monitoring illegal entry attempts, this invaluable new book explains how to shut down and secure workstations, servers, firewalls, routers, sensors and other network devices. Step-by-step instructions are provided to quickly get up and running with Snort. Each chapter includes links for the programs discussed, and additional links at the end of the book give administrators access to numerous web sites for additional information and instructional material that will satisfy even the most serious security enthusiasts. Managing Security with Snort and IDS Tools maps out a proactive--and effective--approach to keeping your systems safe from attack. | | | Product Details: | | | Author:
| Christopher Gerg | | Paperback:
| 304 pages | | Publisher:
| O'Reilly Media | | Publication Date:
| 2004-08 | | Language:
| English | | ISBN:
| 0596006616 | | Package Length:
| 9.06 inches | | Package Width:
| 7.01 inches | | Package Height:
| 0.79 inches | | Package Weight:
| 0.97 pounds | | Average Customer Rating:
|  based on 9 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
Write an online review and share your thoughts with other customers.
 Great info on how to use SNORT properlyNov 22, 2008
O'reilly's books are awesome... and this is no different. Anything and everything on how to use SNORT properly is listed here. Rules and syntax are easy to implement. One downside comment; the title mentions SNORT and IDS tools; it dealt with SNORT heavily, and I didn't get a good coverage of "other" IDS tools... maybe O'reilly has something else in the works?
 Excellent coverage of a complex topicJan 05, 2008
A well-rounded treatment of Snort and IDS in general. The refresher on packet structure is welcome and necessary. While there is a lot of good free material on Snort out on the net, this book is a positive addition to the library for anyone who works with intrusion detection systems, specifically Snort.
Intrusion Detection for ProfessionalsNov 09, 2007
This book is more than a great overview of Intrusion Detection and Defense in Depth using Snort. The authors provide details on packet inspection, configuring Snort, rulesets, and tuning. Then, they take the reader through implementation procedures for Snort with essential tools that make it more useful, MYSQL and ACID. Although the implementation section was limited to the Linux environment, a determined networker can, armed with this book and Internet access, make Snort work in Windows. The authors assume the reader has a knowledge of networking protocols.
Just what I neededAug 31, 2007
The information I wanted when I bought this book is there. This book will be like my Unix in a Nut Shell book. Heavily used, heavily book marked, with dog eared pages as I keep going back to various sections for additional information.
That is the sign of a good book. Well used.
Dan
2 of 2 found the following review helpful:
Snort made easy!Mar 10, 2006
O'Reilly's "Managing Security with Snort and IDS Tools" by Cox and Greg is a practical book that succinctly describes the basic functionality and utility of implanting Snort. The book does an excellent job at discussing the different configuration parameters when deploying Snort.
In particular, I was impressed by:
* Page 35 - A 5-page list detailing the different options available via the command-line.
* Page 69 - Details some of the techniques used to evade IDSs.
* Chapter 5's description of preprocessor configurations was a valuable tool to a newbie of UNIX.
* Chapter 10 description of ACID as a Snort IDS Management Console.
The only area I wish the authors expanded on was in Chapter 7 "Creating Your Own Rules". This area can easily be supplemented from documentation on the web.
The book has a natural bias toward elevating open source tools (I am fan of open source tools). Appreciating that fact, I must admit I have used this book when I have been describing the value of open source tools. Overall, I think "Managing Security with Snort and IDS Tools" is a valuable addition to anyone's Snort arsenal.
I give this book 4 pings out of 5:
!!!.!
| | |
|
