Join Amazon Prime and ship Two-Day for free and Overnight for $3.99. Already a member? Sign in.

 

or
Sign in to turn on 1-Click ordering.
 
 
More Buying Choices
42 used & new from $0.57
Have one to sell? Sell yours here
 
   
Snort 2.0 Intrusion Detection
 
 
Share your own customer images
Search inside this book
Tell the Publisher!
I’d like to read this book on Kindle

Don’t have a Kindle? Get yours here.
 
  

Snort 2.0 Intrusion Detection (Paperback)

by Brian Caswell (Author), Jay Beale (Author), James C. Foster (Author), Jeremy Faircloth (Author)
Key Phrases: intrusion detection systems, using snort, directory traversal, The Inner Workings, Installing Snort, Exploring the Data Analysis Tools (more...)
4.2 out of 5 stars See all reviews (19 customer reviews)
List Price: $49.95
Price: $48.95 & this item ships for FREE with Super Saver Shipping. Details
You Save: $1.00 (2%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Upgrade this book for $9.99 more, and you can read, search, and annotate every page online. See details
In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.

Only 2 left in stock--order soon.

Want it delivered Tuesday, July 21? Choose One-Day Shipping at checkout. Details
22 new from $6.74 20 used from $0.57
Also Available in: List Price: Our Price: Other Offers:
Digital (Download: PDF) $49.95 $49.95
There is a newer edition of this item:
Snort 2.1 Intrusion Detection, Second Edition Snort 2.1 Intrusion Detection, Second Edition 4.4 out of 5 stars (11)
18 used & new from $5.28

Frequently Bought Together

Snort 2.0 Intrusion Detection + Snort for Dummies + Managing Security with Snort and IDS Tools
  • This item: Snort 2.0 Intrusion Detection by Brian Caswell

    In Stock.
    Ships from and sold by Amazon.com.
    This item ships for FREE with Super Saver Shipping. Details

  • Snort for Dummies by Charlie Scott

    In Stock.
    Ships from and sold by Amazon.com.
    This item ships for FREE with Super Saver Shipping. Details

  • Managing Security with Snort and IDS Tools by Christopher Gerg

    In Stock.
    Ships from and sold by Amazon.com.
    This item ships for FREE with Super Saver Shipping. Details

Customers Who Bought This Item Also Bought

Intrusion Detection with Snort

Intrusion Detection with Snort

by Jack Koziol
4.2 out of 5 stars (15)  $36.50
Managing Security with Snort and IDS Tools

Managing Security with Snort and IDS Tools

by Christopher Gerg
4.6 out of 5 stars (9)  $30.36
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

by Gordon Fyodor Lyon
4.9 out of 5 stars (14)  $32.97
Virtual Honeypots: From Botnet Tracking to Intrusion Detection

Virtual Honeypots: From Botnet Tracking to Intrusion Detection

by Niels Provos
5.0 out of 5 stars (12)  $34.64
Linux Server Hacks, Volume Two: Tips & Tools for Connecting, Monitoring, and Troubleshooting

Linux Server Hacks, Volume Two: Tips & Tools for Connecting, Monitoring, and Troubleshooting

by William von Hagen
4.9 out of 5 stars (7)  $19.77
Explore similar items

Editorial Reviews

Review
Configuring Symantec AntiVirus Enterprise Edition teaches you how to implement, upgrade, and configure in a diverse network environment$B!&(B -- David Banes, Symantec Security Response, Asia Pacific Regional Manager

Review
"I have been a diehard Snort user and member of the community since day one. Snort is awesome and there are so many incredibly talented people involved with it. I always wished that there was a book that documented everything, and gave lots of very cool information on all of the inner workings. I was psyched when I heard this book was being written, and I orderd it before it came out. I got mine on Friday and spent the weekend reading it. Considering the guys (and gal!) who wrote it, I shouldn't be surprised that the book rocks. Everything you ever wanted to know about Snort is in there. And, you know you are getting it from the Pig's mouth--er, or Snout ;)" - reviewer on Amazon.com

See all Editorial Reviews

Product Details

  • Paperback: 550 pages
  • Publisher: Syngress; 1 edition (February 2003)
  • Language: English
  • ISBN-10: 1931836744
  • ISBN-13: 978-1931836746
  • Product Dimensions: 9 x 7.4 x 1.1 inches
  • Shipping Weight: 2.2 pounds (View shipping rates and policies)
  • Average Customer Review: 4.2 out of 5 stars See all reviews (19 customer reviews)
  • Amazon.com Sales Rank: #937,455 in Books (See Bestsellers in Books)

    •  Would you like to update product info or give feedback on images?
Front Cover | Table of Contents | First Pages | Index | Surprise Me!
Search Inside This Book:
Inside This Book (learn more)
Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
intrusion detection systems, using snort, directory traversal, subnet mask, memory faults, management packets, node list, control packets, entire query, conversation preprocessor, negotiation preprocessor, snort process, pass udp, portscan preprocessor, config classification, pass tcp, root root drwx, ruleset editor, decode engine, alert tcp, incoming packet data, packet logger, unified logs, libpcap library, preprocessor function
Key Phrases - Capitalized Phrases (CAPs): (learn more)
The Inner Workings, Installing Snort, Exploring the Data Analysis Tools, Frequently Asked Questions, Red Hat, Optimizing Snort, Introducing Snort, Advanced Snort, Implementing Snort Output Plug-ins, Solutions Fast Track, Ask the Author, Marty Roesch, Back Orifice, Initialization Complete, General Public License, Initializing Network Interface, Data Link, Network-based Intrusion Detection System, Classtype Brief Description, Attempted Information Leak, Fatal Error, Indexing Service, Echo Reply, Microsoft Windows, Gentoo Linux
New!
Concordance | Text Stats
Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Surprise Me!
Search Inside This Book:
Citations (learn more)
2 books cite this book:

Tags Customers Associate with This Product

 (What's this?)
Click on a tag to find related items, discussions, and people.
Check the boxes next to the tags you consider relevant or enter your own tags in the field below.
(1)
(1)
(1)
(1)
(1)
(1)

Your tags: Add your first tag
 
See most popular tags
Help others find this product — tag it for Amazon search
No one has tagged this product for Amazon search yet. Why not be the first to suggest a search for which it should appear?

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more
 

Customer Reviews

19 Reviews
5 star:
 (13)
4 star:
 (1)
3 star:
 (2)
2 star:
 (2)
1 star:
 (1)
 
 
 
 
 
Average Customer Review
4.2 out of 5 stars (19 customer reviews)
 
 
 
 
Share your thoughts with other customers:
Most Helpful Customer Reviews

 
39 of 41 people found the following review helpful:
4.0 out of 5 stars The current leader in the Snort IDS book arms race, July 15, 2003
"Snort 2.0" offers content not found in other books on Snort, such as Tim Crothers' more generic "Implementing IDS" (4 stars) and Rafeeq Rehman's "Intrusion Detection with Snort." (3 stars) I've read the best IDS books, and used IDS technology, since 1998, and "Snort 2.0" is the first to give real insight into an IDS' inner workings. Thanks to the technical knowledge of the author team, "Snort 2.0" earns the reader's appreciation by explaining how and why the open source Snort IDS works its magic.

"Snort 2.0" starts well with a short history of Marty Roesch's favorite project, followed by solid explanations of the key elements of Snort's architecture in ch. 2. The actual workings of the Snort code is expanded upon in ch. 4 (modes), 5 (rules), and 6 (packet handling and preprocessors). One could read these sections and get a real sense of how the stream4 preprocessor works, for example. These sections are augmented by helpful tangents on compiling source code (ch. 3) and updates via CVS (ch. 9). This attention to detail and desire to include related information demonstrates a high level of commitment to the reader's education.

"Snort 2.0" has several technical errors or typos which prevented me from giving a 5 star review. p. 110's diagram of a TCP sessions should say "SYN, SYN-ACK, ACK", not "SYN, ACK, SYN-ACK". Later on that page, the author claims "The server replies with a SYN/ACK if the port is open, and a SYN/RST if the port is not listening." The correct closed response is "RST/ACK". p. 203 implies one can scan for open ports with the ACK flag set to evade stateless packet filters. This is wrong, as scanning with the ACK flag set only helps host discovery. I found the reprinting of multiple pages of C code unnecessary. I also wished the sections on building preprocessors had started from scratch, rather than explain an existing preprocessor.

Overall, I found "Snort 2.0" enlightening. The authors have a powerful understanding of the workings of Snort, and apply it in novel ways. "Policy-based IDS" in ch. 12 is one example, while the "rule categorization" chart in ch. 10 is another. Only the Wiley "Deploying Snort 2.0" book, due this fall, has a chance to displace "Snort 2.0" in the Snort-focused IDS book arena.
Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)



 
17 of 21 people found the following review helpful:
2.0 out of 5 stars Too many mistakes, October 30, 2003
By "techwonder" (San Diego, CA United States) - See all my reviews
The technical content is ok, but I am extremely tired of reading books that contain so many grammatical mistakes that one gets irritated every time a page is turned. This publisher is notorious for this and emails I wrote to them were not answered. This is just not acceptable for an expensive book. Don't they have proofreaders?
Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)



 
8 of 9 people found the following review helpful:
5.0 out of 5 stars Definitely worth the money., May 13, 2003
I've been using Snort for some time. I really like it, but I've always found it a little difficult to keep up with all of the features and everything. If you spend a lot of time on the snort.org site and on the mail lists you can learn a lot from everybody. But I don't always have the time to monitor the list or go through the archives. It is great now having everything I need to know in one book. Brian Caswell is the guy who makes all of the releases and keeps everything on the site maintained and he definitely knows his stuff.
Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)


Share your thoughts with other customers: Create your own review
 
 
Ad
 
Most Recent Customer Reviews

3.0 out of 5 stars Snort 2.0
As many others have said, this book had alot of errors. Mostly in language and what not. It's seriously outdated now, and a new edition is needed (and appears to be on it's way).
Published on November 15, 2006 by Joel Esler

5.0 out of 5 stars Most powerful open-source security tool I've ever seen!
You'll learn how to use Snort as a straight packet sniffer, a packet logger (for network traffic debugging), and a full-blown network intrusion detection system. Read more
Published on April 14, 2004 by amazingoffers

5.0 out of 5 stars Good for even the experienced Snort user
I've been running Snort for since the earliest versions and spend a lot of time on the mail lists, working through problems with other users, etc. Read more
Published on April 9, 2004 by Ted Thornton

1.0 out of 5 stars Not Worth The Money
First of all, this book has way too many grammar mistakes. Secondly, go to the snort web site and download their PDF documents because they are free. Read more
Published on April 8, 2004

3.0 out of 5 stars Useful but pricey
I recommend this book but ... there are numerous (sometimes confusing) copy-editing errors and the things I'm most interested in (using ACID, using unified logs and using ACID... Read more
Published on July 9, 2003

5.0 out of 5 stars Don't run Snort without it
Snorty the pig has long needed a trustworthy manual, the free one on snort.org is good, but this book is great. Read more
Published on June 25, 2003 by Stephen Northcutt

5.0 out of 5 stars There IS no competition for this book
This is a feature link from Snort.org for good reason. First, Brian Caswell knows more about Snort than anyone on the planet and it shows here. Read more
Published on June 5, 2003 by longhornjim

5.0 out of 5 stars SNORT COMPLETE...with a great suite of utilities
I teach a graduate level course on Intrusion Detection. The core textbook is long on security concepts, network topographies, and is about 900 pages. Read more
Published on June 3, 2003 by Jack Fletcher

5.0 out of 5 stars Pig Bytes
Great book. I especially appreciated the technical detail that Jay Beale put into the Preprocessor section. Read more
Published on June 2, 2003 by Michael C Poor

5.0 out of 5 stars Wow!
Talk about detailed! This book covers it all, from the very basic "What does Snort do" to the very advanced features. Read more
Published on June 2, 2003 by Patricia Lupien

Only search this product's reviews


Customer Discussions

 Beta (What's this?)
New! See all customer communities, and bookmark your communities to keep track of them.
This product's forum (0 discussions)
  Discussion Replies Latest Post
  No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
Topic:
First post:
Prompts for sign-in
  [Cancel]


Active discussions in related forums
   

Product Information from the Amapedia Community

Beta (What's this?)

Look for Similar Items by Category

Need a Wrench with Great Impact?

Shop for impact wrenches at Amazon.com
Tough jobs require the power of a wrench that won't back down. A variety of impact wrenches are available for any number of projects at prices you'll like.

Shop for impact wrenches

  

Best Books of 2008

Best of 2008
Find our top 100 editors' picks as well as customers' favorites in dozens of categories in our Best Books of 2008 Store.
  

Summer Reading for Kids & Teens

Summer Reading for Kids and Teens
Discover everything from beach reads and board books to teen romance and action-adventure series in Summer Reading for Kids & Teens. And, check off the kids' required reading lists in our Summer School Reading Store.
 

Best Books

Best of the Month
See our editors' picks and more of the best new books on our Best of the Month page.
  
Ad

 

Feedback

If you need help or have a question for Customer Service, contact us.
 Would you like to update product info or give feedback on images?
Is there any other feedback you would like to provide?

Your comments can help make our site better for everyone.


Where's My Stuff?

Shipping & Returns

Need Help?

Your Recent History

  (What's this?)
You have no recently viewed items or searches.

After viewing product detail pages or search results, look here to find an easy way to navigate back to pages you are interested in.

Look to the right column to find helpful suggestions for your shopping session.
Continue shopping: Top Sellers
Free
Free by Chris Anderson
3.5 out of 5 stars (15)$0.00
 Paranoia
Paranoia by Joseph Finder
4.1 out of 5 stars (203)$0.00
 My Soul to Lose
My Soul to Lose by Rachel Vincent
3.2 out of 5 stars (6)$0.00
 The Adventures of Sherlock Holmes
The Adventures of Sherlock Holmes by Arthur Conan, Sir, 1859-1930 Doyle
5.0 out of 5 stars (5)$0.00

amazon.com Amazon.com Home  |   Directory of All Stores
International Sites:  Canada  |  United Kingdom  |  Germany  |  Japan  |  France  |  China
Business Programs: Sell on Amazon  |  Build an eCommerce Site  |  Advertise With Us  |  Developer Services  |  Self-Publish with Us
Help  |  View Cart  |  Your Account  |  1-Click Settings  |  Join Associates  |  Join Advantage
Careers at Amazon  |  Investor Relations  |  Press Releases  |  Corporate Responsibility
Conditions of Use | Privacy Notice © 1996-2009, Amazon.com, Inc. or its affiliates