Description

The incredibly low maintenance costs of Snort, combined with its powerful security features, make it one of the fastest-growing IDSs within corporate IT departments.

Snort 2.0 Intrusion Detection is written by a member of Snort.org. The book provides valuable insight into the code base of Snort and in-depth tutorials on complex installation, configuration, and troubleshooting scenarios.

The primary reader will be an individual who has a working knowledge of the TCP/IP protocol, expertise in some arena of IT infrastructure, and is inquisitive about what has been attacking their IT network perimeter every 15 seconds.

Key Features

  • The most up-to-date and comprehensive coverage for Snort 2.0!
  • Expert Advice from the Development Team and Step-by-Step Instructions for Installing, Configuring, and Troubleshooting the Snort 2.0 Intrusion Detection System.

Readership

Security-conscious or security-curious professionals and power users interested in developing a comprehensive intrusion detection system.

Table of Contents

Foreword

Chapter 1 Intrusion Detection Systems

  • Introduction
  • What Is Intrusion Detection
  • Network IDS
  • Host-Based IDS
  • Distributed IDS
  • A Trilogy of Vulnerabilities
  • Directory Traversal Vulnerability
  • CodeRed Worm
  • Nimda Worm
  • What Is an Intrusion
  • Using Snort to Catch Intrusions
  • Why Are Intrusion Detection Systems Important
  • Why Are Attackers Interested in Me
  • Where Does an IDS Fit with the Rest of My Security Plan
  • Doesn’t My Firewall Serve as an IDS
  • Where Else Should I Be Looking for Intrusions
  • What Else Can Be Done with Intrusion Detection
  • Monitoring Database Access
  • Monitoring DNS Functions
  • E-Mail Server Protection
  • Using an IDS to Monitor My Company Policy
  • Summary
  • Solutions Fast Track
  • Frequently Asked Questions

Chapter 2 Introducing Snort 2.0

  • Introduction
  • What Is Snort
  • Snort System Requirements
  • Hardware
  • Exploring Snort’s Features
  • Packet Sniffer
  • Preprocessor
  • Detection Engine
  • Alerting/Logging Component
  • Using Snort on Your Network
  • Snort’s Uses
  • Snort and Your Network Architecture
  • Pitfalls When Running Snort
  • Security Considerations with Snort
  • Snort Is Susceptible to Attacks
  • Securing Your Snort System
  • Summary
  • Solutions Fast Track
  • Frequently Asked Questions

Chapter 3 Installing Snort

  • Introduction
  • A Brief Word about Linux Distributions
  • Debian
  • Slackware
  • Gentoo
  • Installing PCAP
  • Installing libpcap from Source
  • Installing libpcap from RPM
  • Installing Snort
  • Installing Snort from Source
  • Customizing Your Installation: Editing the snort.conf F

Details

No. of pages: 550
Language: English
Copyright: © 2003
Published:
Imprint: Syngress
Electronic ISBN: 9780080481005
Print ISBN: 9781931836746

Reviews

"I have been a diehard Snort user and member of the community since day one. Snort is awesome and there are so many incredibly talented people involved with it. I always wished that there was a book that documented everything, and gave lots of very cool information on all of the inner workings. I was psyched when I heard this book was being written, and I ordered it before it came out. I got mine on Friday and spent the weekend reading it. Considering the guys (and gal!) who wrote it, I shouldn't be surprised that the book rocks. Everything you ever wanted to know about Snort is in there. And, you know you are getting it from the Pig's mouth--er, or Snout ;)" --Reviewer on Amazon.com