Snort 2.0 intrusion, detection

Brian Caswell, Jay Beale, James C. Foster, Jeffrey Posluns

552 pages, published 22/05/2003

Summary

The incredibly low maintenance costs of Snort combined with its powerful security features make it one of the fastest growing IDSs within corporate IT departments. Snort 2.0 Intrusion Detection is the first book dealing with the Snort IDS and is written by a member of Snort.org. Readers will receive valuable insight into the code base of Snort and in-depth tutorials of complex installation, configuration, and troubleshooting scenarios.

  • Explore Snort's Features
    Master the three core features that make Snort so powerful: packet sniffing, packet logging, and intrusion detection.
  • Install Snort
    Find instructions on installing Snort for both Linux and Microsoft Windows.
  • Understand Rule Action Options
    Determine which of the five options is best for you: pass, log, alert, dynamic, or activate.
  • Master stream4 and frag2 Preprocessors
    Enhance Snort's original rule-based pattern-matching model with stream4 and frag2.
  • Configure Unified Logs
    Use unified logs to significantly increase the efficiency of the Snort sensor and free up your Snort engine.
  • Manage Output Plug-Ins
    Install, configure, and use Swatch, ACID, SnortSnarf, IDSCenter, and other plug-ins to monitor log files.
  • Watch for Rule Updates
    Use oinkmaster, a semi-automated tool, to download and compare new rulesets with old ones.
  • Decide Which Rules to Enable
    Identify key protocols and services that are used on your network and determine the level of granularity required for your evidentiary logs.
  • Install and Configure Barnyard
    Run Barnyard in one of three modes of operation: one-shot mode, continual mode, or continual with checkpoint mode.
  • Register for Your 1 Year Upgrade
    The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!

Contents

  • Intrusion detection systems
  • Introduction Snort 2.0
  • Installing Snort
  • Snort: The inner workings
  • Playing by the rules
  • Preprocessors
  • Implementing Snort output plug-ins
  • Exploring the data analysis tools
  • Keeping everything up to date
  • Optimizing Snort
  • Mucking around with Barnyard
  • Advanced Snort
Index

About the author - Jay Beale

Jay Beale is the founder and president of JJB Security Consulting as well as the lead developer for Bastille Linux, a security product used to harden Linux and HP-UX. A frequent speaker at security conferences, he is the author of Locking Down Linux the Bastille Way.

About the author - James C. Foster

James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation, where he is responsible for the vision and development of physical, personnel, and data security solutions. Prior to CSC, Foster was the Director of Research and Development for Foundstone Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. (acquired by Verisign) and an adjunct author at Information Security Magazine (acquired by TechTarget), subsequent to working as Security Research Specialist for the Department of Defense. With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations.

Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums, with highlights at the Microsoft Security Summit, Black Hat USA, Black Hat Windows, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He is also commonly asked to comment on pertinent security issues and has been cited in USA Today, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds an A.S., B.S., MBA and numerous technology and management certifications, has attended or conducted research at the Yale School of Business, Harvard University, and the University of Maryland, and is currently a Fellow at University of Pennsylvania's Wharton School of Business.

Foster is also a well-published author with multiple commercial and educational papers, and has authored, contributed to, or edited major publications including Snort 2.1 Intrusion Detection (Syngress Publishing, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, and the forthcoming Google Hacking for Penetration Techniques (Syngress, ISBN: 1-931836-36-1).

Technical specifications

  PAPER
Publisher(s) Syngress
Author(s) Brian Caswell, Jay Beale, James C. Foster, Jeffrey Posluns
Publication date 22/05/2003
Number of pages 552
Format 18,8 x 23,4
Cover Paperback
Weight 985g
Interior Black and white
EAN13 9781931836746
ISBN13 978-1-931836-74-6
