Intrusion detection primer -- Network intrusion detection with Snort -- Dissecting Snort -- Planning for the Snort installation -- The foundation : hardware and operating systems -- Building the server -- Building the sensor -- Building the analyst's console -- Additional installation methods -- Tuning and reducing false positives -- Real-time alerting -- Basic rule writing -- Upgrading and maintaining Snort -- Advanced topics in intrusion prevention.
0
SUMMARY OR ABSTRACT
Text of Note
With over 100,000 installations, the Snort open-source network instrusion detection system is combined with other free tools to deliver IDS defense to medium - to small-sized companies, changing the tradition of intrusion detection being affordable only for large companies with large budgets. Until now, Snort users had to rely on the official guide available on snort.org. That guide is aimed at relatively experience snort administrators and covers thousands of rules and known exploits. The lack of usable information made using Snort a frustrating experience. The average Snort user needs to learn how to actually get their systems up-and-running. Snort Intrusion Detection provides readers with practical guidance on how to put Snort to work. Opening with a primer to intrusion detection and Snort, the book takes the reader through planning an installation to building the server and sensor, tuning the system, implementing the system and analyzing traffic, writing rules, upgrading the system, and extending Snort.