Snort [electronic resource] : IDS and IPS toolkit / featuring Jay Beale and members of the Snort team, Andrew R. Baker, Joel Esler ; foreword by Stephen Northcutt ; Toby Kohlenberg, technical editor.

Author/Creator:
Beale, Jay.
Publication:
Burlington, MA : Syngress, c2007.
Format/Description:
Book
1 online resource (769 p.)
Edition:
1st edition
Series:
Jay Beale's open source security series.
Subjects:
Snort (Software).
Computer networks -- Security measures.
Computers -- Access control.
Computer security.
Form/Genre:
Electronic books.
Language:
English
System Details:
text file
Summary:
This all-new book, from members of the Snort developers team, covers the brand-new Snort version 2.6. This fully integrated book, CD, and Web toolkit covers everything from packet inspection to optimizing Snort for speed to using the most advanced features of Snort to defend even the largest and most congested enterprise networks. Leading Snort experts Brian Caswell, Andrew Baker, and Jay Beale analyze traffic from real attacks to demonstrate the best practices for implementing the most powerful Snort features. The accompanying CD contains examples from real attacks allowing rea
Contents:
Front Cover; Snort® IDS and IPS Toolkit; Copyright Page; Contents; Foreword; Chapter 1. Intrusion Detection Systems; Introduction; What Is Intrusion Detection?; How an IDS Works; Why Are Intrusion Detection Systems Important?; What Else Can You Do with Intrusion Detection Systems?; What About Intrusion Prevention?; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 2. Introducing Snort 2.6; Introduction; What Is Snort?; What's New in Snort 2.6; Snort System Requirements; Exploring Snort's Features; Using Snort on Your Network; Security Considerations with Snort; Summary;
Solutions Fast Track; Frequently Asked Questions; Chapter 3. Installing Snort 2.6; Introduction; Choosing the Right OS; Hardware Platform Considerations; Installing Snort; Configuring Snort; Testing Snort; Maintaining Snort; Updating Snort; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 4. Configuring Snort and Add-Ons; Placing Your NIDS; Configuring Snort on a Windows System; Configuring Snort on a Linux System; Other Snort Add-Ons; Demonstrating Effectiveness; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 5. Inner Workings; Introduction;
Snort Initialization; Snort Packet Processing; Inside the Detection Engine; The Dynamic Detection Engine; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 6. Preprocessors; Introduction; What Is a Preprocessor?; Preprocessor Options for Reassembling Packets; Preprocessor Options for Decoding and Normalizing Protocols; Preprocessor Options for Nonrule or Anomaly-Based Detection; Dynamic Preprocessors; Experimental Preprocessors; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 7. Playing by the Rules; Introduction; What Is a Rule?; Understanding Rules;
Other Advanced Options; Ordering for Performance; Thresholding; Suppression; Packet Analysis; Rules for Vulnerabilities, Not Exploits; A Rule: Start to Finish; Rules of Note; Stupid Rule Tricks; Keeping Rules Up to Date; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 8. Snort Output Plug-Ins; Introduction; What Is an Output Plug-In?; Exploring Snort's Output Plug-In Options; Writing Your Own Output Plug-In; Troubleshooting Output Plug-In Problems; Add-On Tools; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 9. Exploring IDS Event Analysis, Snort Style;
Introduction; What Is Data Analysis?; Data Analysis Tools; Analyzing Snort Events; Reporting Snort Events; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 10. Optimizing Snort; Introduction; How Do I Choose the Hardware to Use?; How Do I Choose the Operating System to Use?; Speeding Up Snort; Cranking Up the Database; Benchmarking and Testing the Deployment; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 11. Active Response; Introduction; Active Response versus Intrusion Prevention; SnortSam; Fwsnort; snort_Inline; Summary; Solutions Fast Track;
Frequently Asked Questions
Notes:
Includes index.
Contributor:
Baker, Andrew R.
Esler, Joel.
ISBN:
1-281-11259-3
9786611112592
0-08-054927-6
OCLC:
476126384