Snort Cookbook

Solutions and Examples for Snort Administrators

Angela D. Orebaugh, Simon Biles, Jacob Babbin - Collection Security

312 pages, parution le 09/05/2005

Ajouter à une liste

Indisponible

Résumé

Designing a reliable way to detect intruders is an essential-but often overwhelming- challenge. Snort, the de facto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP networks. It conducts protocol analysis, content searching, and pattern matching. Snort Cookbook can save you countless hours of sifting through dubious online advice or wordy tutorials to leverage the full power of Snort.

Presented in the popular and practical problem-and-solution O'Reilly Cookbook format, each recipe contains a clear and thorough description of the problem, a concise but complete discussion of the solution, and real-world examples that illustrate that solution. Snort Cookbook covers important issues that systems administrators and security professionals face every day:

Installation
Optimization
Logging
Alerting
Rules and signatures
Detecting viruses
Countermeasures
Detecting common attacks
Administration
Honeypots
Log analysis

Snort Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. If you learn best in the trenches-but don't have hours to spend online poring over tutorials or trolling for best-practice snippets of advice-this ultimate Snort sourcebook is for you. Snort Cookbook will help you solve immediate problems and teach you the tricks you need to take full advantage of Snort-and still have a life.

L'auteur - Angela D. Orebaugh

Angela Orebaugh (CISSP, GCIA, GCFW, GCIH, GSEC, CCNA) has worked in information technology for 10 years. She is currently an Associate at Booz Allen Hamilton in the Washington, DC metro area. Her focus is on perimeter defense, secure architecture design, vulnerability assessments, penetration testing, and intrusion detection. Angela is expert in many commercial and Open Source intrusion detection and analysis tools including Ethereal, Snort, Nessus, and Nmap. She is a graduate of James Madison University with a masters in computer science, and she is currently pursuing her PhD with a concentration in information security at George Mason University. Her GCFW practical received honors recognition and was used as a case study in the book Network Perimeter Security: The Definitive Guide to Firewalls, VPNs, Routers, and Network Intrusion Detection by Stephen Northcutt (ISBN: 0735712328). Angela is a researcher, writer, and speaker for SANS Institute, where she has helped to develop and revise SANS course material and also serves as the Senior Mentor Coach for the SANS Local Mentor Program.

Sommaire

Preface
Installation and Optimization
Logging, Alerts, and Output Plug-ins
Rules and Signatures
Preprocessing: An Introduction
Administrative Tools
Log Analysis
Miscellaneous Other Uses
Index

Voir tout

Replier

Caractéristiques techniques

	PAPIER
Éditeur(s)	O'Reilly
Auteur(s)	Angela D. Orebaugh, Simon Biles, Jacob Babbin
Collection	Security
Parution	09/05/2005
Nb. de pages	312
Format	17,5 x 23,5
Couverture	Broché
Poids	463g
Intérieur	Noir et Blanc
EAN13	9780596007911
ISBN13	978-0-596-00791-1