|
Posted by Rob Slade on February 9, 2005, 8:20 am
If you were Registered and logged in, you could reply and use other advanced thread options
BKMSWSIT.RVW 20041106
"Managing Security with Snort and IDS Tools", Kerry Cox/Christopher
Gerg, 2004, 0-596-00661-6, U$39.95/C$57.95
%A Kerry Cox
%A Christopher Gerg
%C 103 Morris Street, Suite A, Sebastopol, CA 95472
%D 2004
%G 0-596-00661-6
%I O'Reilly & Associates, Inc.
%O U$39.95/C$57.95 800-998-9938 fax: 707-829-0104 nuts@ora.com
%O http://www.amazon.com/exec/obidos/ASIN/0596006616/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0596006616/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0596006616/robsladesin03-20
%O tl a rl 2 tc 3 ta 3 tv 2 wq 2
%P 269 p.
%T "Managing Security with Snort and IDS Tools"
Chapter one explains what Snort, and network intrusion detection, is.
The basics of network traffic sniffing and analysis, and the operation
of tcpdump and ethereal, are described in chapter two. Installation,
options, and the basic operation of Snort are outlined in chapter
three. Chapter four details the different types of blackhat and
intruder activity in terms of network intrusion. Chapter five details
the confguration file and choices. How, and where, to use and set up
Snort is the topic of chapter six. Snort rules are explained in
chapter seven, which also outlines the system for creating them.
Snort can also be used for intrusion prevention, as chapter eight
points out. Tuning sensitivity, and establishing thresholds and
clipping levels, is discussed in chapter nine. Chapter ten reviews
the use of ACID (Analysis Console for Intrusion Detection) as a
management console. An alternative program is SnortCenter, described
in chapter eleven, and more options are listed in twelve. Chapter
thirteen notes possibilities for the use of Snort in high bandwidth
situations.
For those interested in the standard intrusion detection program, here
is a set of useful explanations for its use and operation.
copyright Robert M. Slade, 2004 BKMSWSIT.RVW 20041106
====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu
Science is what we understand well enough to explain to a
computer; Art is everything else. - Donald Ervin Kunth
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
|
| Similar Threads | Posted | | Book Review: "Network Security First-Step", Tom Thomas | January 25, 2006, 11:15 am |
| Book Review on Network Security: Worth Reading | April 30, 2007, 2:54 am |
| Book Review: "Corporate Computer and Network Security", R. Panko | August 25, 2005, 1:26 pm |
| Book Review: "Network Security Fundamentals", G De Laet/G Schauwers | February 20, 2006, 11:18 am |
| Book Review: Practical VoIP Security, Thomas Porter et al | July 3, 2006, 1:41 pm |
| Book Review: Minoli-Cordovana's Authoritative Computer Security | February 12, 2007, 2:35 pm |
| Re: Book Review: Re: Echelon | April 13, 2005, 8:25 am |
| Ameritech Book Review (Thank You) | May 6, 2005, 4:25 pm |
| Book Review: Goodbye to Privacy | April 11, 2005, 11:47 pm |
| Re: Book Review: Goodbye to Privacy | April 13, 2005, 9:45 am |
|
|
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map