Snort 2.0 Intrusion Detection

Brian Caswell, Jay Beale, James C. Foster, Jeremy Faircloth

  • 出版商: Syngress Media
  • 出版日期: 2003-01-31
  • 售價: $1,770
  • 貴賓價: 9.5$1,682
  • 語言: 英文
  • 頁數: 550
  • 裝訂: Paperback
  • ISBN: 1931836744
  • ISBN-13: 9781931836746




無標題文件 The incredible low maintenance costs of Snort combined with its powerful security features make it one of the fastest growing IDSs within corporate IT departments. Snort 2.0 Intrusion Detection is the first book dealing with the Snort IDS and is written by a member of Readers will receive valuable insight to the code base of Snort and in-depth tutorials of complex installation, configuration, and troubleshooting scenarios.

  • Explore Snort's Features
    Master the three core features that make Snort so powerful: packet sniffing, packet logging, and intrusion detection.
  • Install Snort
    Find instructions on installing Snort for both Linux and Microsoft Windows.
  • Understand Rule Action Options
    Determine which of the five options is best for you: pass, log, alert, dynamic, or activate.
  • Master stream4 and frag2 Preprocessors
    Enhance Snort's original rule-based pattern-matching model with stream4 and frag2.
  • Configure Unified Logs
    Use unified logs to significantly increase the efficiency of the Snort sensor and free up your Snort engine.
  • Manage Output Plug-Ins
    Install, configure, and use Swatch, ACID, SnortSnarf, IDSCenter, and other plug-ins to monitor log files.
  • Watch for Rule Updates
    Use oinkmaster, a semi-automated tool, to download and compare new rulesets with old ones.
  • Decide Which Rules to Enable
    Identify key protocols and services that are used on your network and determine the level of granularity required for your evidentiary logs.
  • Install and Configure Barnyard
    Run Barnyard in one of three modes of operation: one-shot mode, continual mode, or continual with checkpoint mode.
  • Register for Your 1 Year Upgrade
    The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!