×

Uh-oh, it looks like your Internet Explorer is out of date.

For a better shopping experience, please upgrade now.

Managing Security with Snort and IDS Tools
  • Alternative view 1 of Managing Security with Snort and IDS Tools
  • Alternative view 2 of Managing Security with Snort and IDS Tools
     

Managing Security with Snort and IDS Tools

4.0 1
by Kerry J. Cox, Christopher Gerg
 

See All Formats & Editions

Intrusion detection is not for the faint at heart. But, if you are a network administrator chances are you're under increasing pressure to ensure that mission-critical systems are safe—in fact impenetrable—from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders.Designing a

Overview

Intrusion detection is not for the faint at heart. But, if you are a network administrator chances are you're under increasing pressure to ensure that mission-critical systems are safe—in fact impenetrable—from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders.Designing a reliable way to detect intruders before they get in is a vital but daunting challenge. Because of this, a plethora of complex, sophisticated, and pricy software solutions are now available. In terms of raw power and features, SNORT, the most commonly used Open Source Intrusion Detection System, (IDS) has begun to eclipse many expensive proprietary IDSes. In terms of documentation or ease of use, however, SNORT can seem overwhelming. Which output plugin to use? How do you to email alerts to yourself? Most importantly, how do you sort through the immense amount of information Snort makes available to you? Many intrusion detection books are long on theory but short on specifics and practical examples. Not Managing Security with Snort and IDS Tools. This new book is a thorough, exceptionally practical guide to managing network security using Snort 2.1 (the latest release) and dozens of other high-quality open source other open source intrusion detection programs.Managing Security with Snort and IDS Tools covers reliable methods for detecting network intruders, from using simple packet sniffers to more sophisticated IDS (Intrusion Detection Systems) applications and the GUI interfaces for managing them. A comprehensive but concise guide for monitoring illegal entry attempts, this invaluable new book explains how to shut down and secure workstations, servers, firewalls, routers, sensors and other network devices.Step-by-step instructions are provided to quickly get up and running with Snort. Each chapter includes links for the programs discussed, and additional links at the end of the book give administrators access to numerous web sites for additional information and instructional material that will satisfy even the most serious security enthusiasts.Managing Security with Snort and IDS Tools maps out a proactive—and effective—approach to keeping your systems safe from attack.

Product Details

ISBN-13:
9780596006617
Publisher:
O'Reilly Media, Incorporated
Publication date:
08/28/2004
Edition description:
First Edition
Pages:
292
Sales rank:
1,034,122
Product dimensions:
7.00(w) x 9.19(h) x 0.77(d)

Meet the Author

Kerry Cox is a knowledgeable and enthusiastic chief administrator/network engineer at Bonneville International/KSL Radio and Television where he manages 40 Red Hat Linux servers, as well as Solaris and FreeBSD, performing installation, patching, hardening, and maintenance. He also handles all Cisco routers, switches, PIX and Checkpoint firewalls, CSS load balancers, IDS sensors and consoles. Kerry has implemented open source solution for monitoring networks, architectures, server processes, and bandwidth. Previously, he worked at network communications companies and ISPs and is the author of two books by Prima: the Linux Productivity Administrator's Guide and Red Hat Linux Administrator's Guide.

Christopher Gerg CISSP, CHSP is the Network Security Manager for Berbee Information Networks. His IT career started with phone technical support for Microsoft s launch of Windows 95 and his MCSE dates back to NT 3.51. He s worked as a system and network administrator and has traveled extensively installing WANs and infrastructure for a variety of clients. Five years ago things changed Christopher discovered open-source operating systems (FreeBSD, Debian, and Suse are his favorites) and he s spent three years as a penetration tester with Berbee and then transitioned from attack to defend for the last two years. Christopher is responsible for the network security of two Enterprise-class datacenters, the customers located in them, and the network infrastructure that connects it all (Multiple OC-48 SONET rings and multiple OC-3 s to the Internet). He uses Snort to watch it all.In his free time, Christopher raises rugged mountain alpacas in the wind-swept mountains of South-Central Wisconsin.

Customer Reviews

Average Review:

Post to your social network

     

Most Helpful Customer Reviews

See all customer reviews

Managing Security with Snort and IDS Tools 4 out of 5 based on 0 ratings. 1 reviews.
Guest More than 1 year ago
Welcome to Snort! More broadly, this book works well as a practical explanation of the general field of Intrusion Detection Systems. Key affiliated tools are covered, like tcpdump and Ethereal. Which are also free and open source, just like Snort. There is a general and I think understandable bias in this book towards such tools. The authors claim, and you must have heard this before, that such tools are often more likely to be bug free and mature than proprietary tools. If you work your way through the chapters, then you can get a good education in the main ideas like setting up prevention strategies and how to look for evidence of attacks. Instantiated via using Snort. But if you're smart, you can generalise this. Plus, keep an eye out for any useful techniques that Snort currently lacks. If you find these, perhaps you can build a high value tool off them? Don't take Snort as the last word in these matters.