REVIEW: "Managing Security with Snort and IDS Tools", Kerry Cox/Christopher Gerg

 
 
Rob Slade, doting grandpa of Ryan and Trevor
      02-09-2005
BKMSWSIT.RVW 20041106

"Managing Security with Snort and IDS Tools", Kerry Cox/Christopher
Gerg, 2004, 0-596-00661-6, U$39.95/C$57.95
%A Kerry Cox
%A Christopher Gerg
%C 103 Morris Street, Suite A, Sebastopol, CA 95472
%D 2004
%G 0-596-00661-6
%I O'Reilly & Associates, Inc.
%O U$39.95/C$57.95 800-998-9938 fax: 707-829-0104
%O http://www.amazon.com/exec/obidos/AS...bsladesinterne
http://www.amazon.co.uk/exec/obidos/...bsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASI...bsladesin03-20
%O tl a rl 2 tc 3 ta 3 tv 2 wq 2
%P 269 p.
%T "Managing Security with Snort and IDS Tools"

Chapter one explains what Snort, and network intrusion detection, is.
The basics of network traffic sniffing and analysis, and the operation
of tcpdump and ethereal, are described in chapter two. Installation,
options, and the basic operation of Snort are outlined in chapter
three. Chapter four details the different types of blackhat and
intruder activity in terms of network intrusion. Chapter five details
the configuration file and choices. How, and where, to use and set up
Snort is the topic of chapter six. Snort rules are explained in
chapter seven, which also outlines the system for creating them.
Snort can also be used for intrusion prevention, as chapter eight
points out. Tuning sensitivity, and establishing thresholds and
clipping levels, is discussed in chapter nine. Chapter ten reviews
the use of ACID (Analysis Console for Intrusion Detection) as a
management console. An alternative program is SnortCenter, described
in chapter eleven, and more options are listed in twelve. Chapter
thirteen notes possibilities for the use of Snort in high bandwidth
situations.

For those interested in the standard intrusion detection program, here
is a set of useful explanations for its use and operation.

copyright Robert M. Slade, 2004 BKMSWSIT.RVW 20041106

--
======================

============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
or mirror http://sun.soci.niu.edu/~rslade/
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Book reviews: [Base URL]mnbk.htm
Review mailing list: send mail to techbooks-
or techbooks-

 