REVIEW: "Intrusion Detection with Snort", Rafeeq Ur Rehman

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Oct 13, 2003.

  1. BKIDWSAI.RVW 20030902

    "Intrusion Detection with Snort", Rafeeq Ur Rehman, 2003,
    0-13-140733-3, U$39.99/C$62.99
    %A Rafeeq Ur Rehman
    %C One Lake St., Upper Saddle River, NJ 07458
    %D 2003
    %G 0-13-140733-3
    %I Prentice Hall
    %O U$39.99/C$62.99 +1-201-236-7139 fax: +1-201-236-7131
    %O http://www.amazon.com/exec/obidos/ASIN/0131407333/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/0131407333/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/0131407333/robsladesin03-20
    %P 263 p.
    %T "Intrusion Detection with Snort"

    Chapter one is a very simple introduction to intrusion detection and
    Snort. Beginning with a brief look at topology, chapter two runs
    through an installation of Snort, but does not provide much in the way
    of explanation or recommendation at the various points. The coverage
    of Snort rule creation and syntax, in chapter three, is clear and
    reasonable, but could use more examples of malicious packets and how
    they might be identified. Chapter four does explain some exploit
    rules, in discussing preprocessors, but briefly, and then goes on to
    output options. Chapters five, six, and seven describe MySQL, ACID
    (Analysis Console for Intrusion Databases), and other tools for using
    Snort in conjunction with collected information.

    This is a decent printed documentation for the system, but not much
    more.

    copyright Robert M. Slade, 2003 BKIDWSAI.RVW 20030902

    --
    ======================

    "If you do buy a computer, don't turn it on." - Richards' 2nd Law
    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Partial/recent: http://groups.yahoo.com/group/techbooks/
    Security Educ.: http://groups.yahoo.com/group/comseced/
    Review mailing list: send mail to
     
    Rob Slade, doting grandpa of Ryan and Trevor, Oct 13, 2003
    #1
    1. Advertising

  2. Rob Slade, doting grandpa of Ryan and Trevor

    Tommy Guest

    Rob Slade, doting grandpa of Ryan and Trevor wrote:

    > BKIDWSAI.RVW 20030902
    >
    > "Intrusion Detection with Snort", Rafeeq Ur Rehman, 2003,
    > 0-13-140733-3, U$39.99/C$62.99
    > %A Rafeeq Ur Rehman
    > %C One Lake St., Upper Saddle River, NJ 07458
    > %D 2003
    > %G 0-13-140733-3
    > %I Prentice Hall
    > %O U$39.99/C$62.99 +1-201-236-7139 fax: +1-201-236-7131
    > %O http://www.amazon.com/exec/obidos/ASIN/0131407333/robsladesinterne
    > http://www.amazon.co.uk/exec/obidos/ASIN/0131407333/robsladesinte-21
    > %O http://www.amazon.ca/exec/obidos/ASIN/0131407333/robsladesin03-20
    > %P 263 p.
    > %T "Intrusion Detection with Snort"
    >
    > Chapter one is a very simple introduction to intrusion detection and
    > Snort. Beginning with a brief look at topology, chapter two runs
    > through an installation of Snort, but does not provide much in the way
    > of explanation or recommendation at the various points. The coverage
    > of Snort rule creation and syntax, in chapter three, is clear and
    > reasonable, but could use more examples of malicious packets and how
    > they might be identified. Chapter four does explain some exploit
    > rules, in discussing preprocessors, but briefly, and then goes on to
    > output options. Chapters five, six, and seven describe MySQL, ACID
    > (Analysis Console for Intrusion Databases), and other tools for using
    > Snort in conjunction with collected information.
    >
    > This is a decent printed documentation for the system, but not much
    > more.
    >
    > copyright Robert M. Slade, 2003 BKIDWSAI.RVW 20030902
    >


    You don't need all that to understand Snort/IDS. Install it and READ THE MAN
    FILES!!
     
    Tommy, Oct 13, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Thad

    DP Review Leica Digilux 2 Review

    Thad, May 11, 2004, in forum: Digital Photography
    Replies:
    9
    Views:
    541
    ArtKramr
    May 12, 2004
  2. Mike McGee
    Replies:
    0
    Views:
    1,107
    Mike McGee
    Dec 4, 2003
  3. Lord Shaolin
    Replies:
    2
    Views:
    1,113
    Lord Shaolin
    Aug 12, 2003
  4. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Intrusion Detection with Snort", Jack Koziol

    Rob Slade, doting grandpa of Ryan and Trevor, Oct 7, 2003, in forum: Computer Security
    Replies:
    0
    Views:
    652
    Rob Slade, doting grandpa of Ryan and Trevor
    Oct 7, 2003
  5. Replies:
    0
    Views:
    994
Loading...

Share This Page