From the Back Cover
Protect your network with Snort: the high-performance, open source IDS
Snort gives network administrators an open source intrusion detection system that outperforms proprietary alternatives. Now, Rafeeq Ur Rehman explains and simplifies every aspect of deploying and managing Snort in your network. You'll discover how to monitor all your network traffic in real time; update Snort to reflect new security threats; automate and analyze Snort alerts; and more. Best of all, Rehman's custom scripts integrate Snort with Apache, MySQL, PHP, and ACID-so you can build and optimize a complete IDS solution more quickly than ever before.
- An expert introduction to intrusion detection and the role of Snort
- Writing and updating Snort rules to reflect the latest attacks and exploits
- Contains detailed coverage of Snort plug-ins, preprocessors, and output modules
- Logging alerts to a MySQL database
- Using ACID to search, process, and analyze security alerts
- Using SnortSnarf to analyze Snort log files
- XML support for Snort via the Simple Network Markup Language (SNML)
The accompanying ftp site contains all the software, scripts, and rules you need to get started with Snort. About the Open Source Series
Bruce Perens' Open Source Series is a definitive series of Linux and Open Source books by the world's leading Linux software developers. Bruce Perens is the primary author of The Open Source Definition, the formative document of the open source movement, and the former Debian GNU/Linux Project Leader. The text of this book is Open Source licensed
About the Author
RAFEEQ UR REHMAN is founding director of Argus Network Security Services, Inc. He is an HP Certified System Administrator and CCNA with more than nine years' experience in UNIX and network administration, as well as C and database programming. His books include The Linux Development Platform; Solaris 8 Training Guide (310-043): Network Administrator Certification; and HP Certified: HP-UX System Administration. He is a contributing writer for SysAdmin Journal and Linux Journal.