Snort 2.1 Intrusion Detection, Second Edition
- Brian Caswell, Snort.org webmaster, USA
- Jay Beale, Series Editor of the Jay Beale Open Source Security Series, lead developer of the Bastille project, Seattle, WA
Called "the leader in the Snort IDS book arms race" by Richard Bejtlich, top Amazon reviewer, this brand-new edition of the best-selling Snort book covers all the latest features of a major upgrade to the product and includes a bonus DVD with Snort 2.1 and other utilities.Written by the same lead engineers of the Snort Development team, this will be the first book available on the major upgrade from Snort 2 to Snort 2.1 (in this community, major upgrades are noted by .x and not by full number upgrades as in 2.0 to 3.0). Readers will be given invaluable insight into the code base of Snort, and in depth tutorials of complex installation, configuration, and troubleshooting scenarios. Snort has three primary uses: as a straight packet sniffer, a packet logger, or as a full-blown network intrusion detection system. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes. Snort uses a flexible rules language to describe traffic that it should collect or pass, a detection engine that utilizes a modular plug-in architecture, and a real-time alerting capability. A CD containing the latest version of Snort as well as other up-to-date Open Source security utilities will accompany the book.Snort is a powerful Network Intrusion Detection System that can provide enterprise wide sensors to protect your computer assets from both internal and external attack.
This audience is comprised of engineers and administrators, who: 1. Protect their network and storage data from theft and/or corruption. 2. Ensure both Web-based and internal application and data availability to customers, business partners, and employees. 3. Optimize network hardware, software, storage, and bandwidth resources. The audience for this book includes the thousands of people who download Snort for the first time every day, as well as for anyone whou is familiar with the first edition of the book. They accomplish these tasks by installing, configuring, troubleshooting, and maintaining a combination of commercial and open source firewalls/VPNs, security appliances, Intrusion Detection Systems (IDSs), Packet Analyzers (Sniffers), and AntiVirus applications. This audience is task oriented and focused on executing IT objectives mandated by their ever-changing business needs.