- Paperback: 304 pages
- Publisher: O'Reilly Media (August 12, 2004)
- Language: English
- ISBN-10: 0596006616
- ISBN-13: 978-0596006617
- Product Dimensions: 7 x 0.8 x 9.2 inches
- Shipping Weight: 1 pounds (View shipping rates and policies)
- Average Customer Review: 11 customer reviews
- Amazon Best Sellers Rank: #1,053,240 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Managing Security with Snort and IDS Tools
Use the Amazon App to scan ISBNs and compare prices.
Fulfillment by Amazon (FBA) is a service we offer sellers that lets them store their products in Amazon's fulfillment centers, and we directly pack, ship, and provide customer service for these products. Something we hope you'll especially enjoy: FBA items qualify for FREE Shipping and Amazon Prime.
If you're a seller, Fulfillment by Amazon can help you increase your sales. We invite you to learn more about Fulfillment by Amazon .
"Enlightenment Now: The Case for Reason, Science, Humanism, and Progress"
Is the world really falling apart? Is the ideal of progress obsolete? Cognitive scientist and public intellectual Steven Pinker urges us to step back from the gory headlines and prophecies of doom, and instead, follow the data: In seventy-five jaw-dropping graphs, Pinker shows that life, health, prosperity, safety, peace, knowledge, and happiness are on the rise. Learn more
Frequently bought together
Customers who bought this item also bought
Customers who viewed this item also viewed
About the Author
Kerry Cox is a knowledgeable and enthusiastic chief administrator/network engineer at Bonneville International/KSL Radio and Television where he manages 40 Red Hat Linux servers, as well as Solaris and FreeBSD, performing installation, patching, hardening, and maintenance. He also handles all Cisco routers, switches, PIX and Checkpoint firewalls, CSS load balancers, IDS sensors and consoles. Kerry has implemented open source solution for monitoring networks, architectures, server processes, and bandwidth. Previously, he worked at network communications companies and ISPs and is the author of two books by Prima: the Linux Productivity Administrator's Guide and Red Hat Linux Administrator's Guide.
Christopher Gerg CISSP, CHSP is the Network Security Manager for Berbee Information Networks. His IT career started with phone technical support for Microsoft s launch of Windows 95 and his MCSE dates back to NT 3.51. He s worked as a system and network administrator and has traveled extensively installing WANs and infrastructure for a variety of clients. Five years ago things changed Christopher discovered open-source operating systems (FreeBSD, Debian, and Suse are his favorites) and he s spent three years as a penetration tester with Berbee and then transitioned from attack to defend for the last two years. Christopher is responsible for the network security of two Enterprise-class datacenters, the customers located in them, and the network infrastructure that connects it all (Multiple OC-48 SONET rings and multiple OC-3 s to the Internet). He uses Snort to watch it all.In his free time, Christopher raises rugged mountain alpacas in the wind-swept mountains of South-Central Wisconsin.
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
That is the sign of a good book. Well used.
There are other very good books on Snort but one of the things that makes this one particularly valuable is that it also looks at other open source tools and provides a good basic background on intrusion detection theory. Managing Security with Snort and IDS Tools is highly recommended for those in charge of intrusion detection and prevention in a network environment and planning to implement a system their self.
Even though the book did not mention OS X specifically, it was easy to get snort compiled and installed on my Mac. There were a few tweaks I had to do, but if you're familiar with "configure; make; make install", it should be a snap. (Likewise, fink or darwinports can get you going with Snort as well). Any other flavor of Unix/Linux would be that much easier to install.
Beyond just describing how to install and configure Snort, the book does go into some detail about how networks are attacked and how Snort goes about alerting you to possible intrusive behavior. There are also numerous reference to web sites and other books to find more information. It also goes into detail on various other tools that augment and complement Snort.
Very well done.
In particular, I was impressed by:
* Page 35 - A 5-page list detailing the different options available via the command-line.
* Page 69 - Details some of the techniques used to evade IDSs.
* Chapter 5's description of preprocessor configurations was a valuable tool to a newbie of UNIX.
* Chapter 10 description of ACID as a Snort IDS Management Console.
The only area I wish the authors expanded on was in Chapter 7 "Creating Your Own Rules". This area can easily be supplemented from documentation on the web.
The book has a natural bias toward elevating open source tools (I am fan of open source tools). Appreciating that fact, I must admit I have used this book when I have been describing the value of open source tools. Overall, I think "Managing Security with Snort and IDS Tools" is a valuable addition to anyone's Snort arsenal.
I give this book 4 pings out of 5:
If you work your way through the chapters, then you can get a good education in the main ideas like setting up prevention strategies and how to look for evidence of attacks. Instantiated via using Snort. But if you're smart, you can generalise this. Plus, keep an eye out for any useful techniques that Snort currently lacks. If you find these, perhaps you can build a high value tool off them? Don't take Snort as the last word in these matters.