The incredibly low maintenance costs of Snort combined with its powerful security features make it one of the fastest-growing IDSs within corporate IT departments.
Snort 2.0 Intrusion Detection is the first book dealing with the Snort IDS and is co-written by Brian Caswell of Snort.org.
Readers will gain valuable insight into the code base of Snort and in-depth tutorials covering complex installations, configurations, and troubleshooting scenarios.
- Explore Snort's Features
Master the three core features that make Snort so powerful: packet sniffing, packet logging, and intrusion detection.
- Install Snort
Find instructions on installing Snort for both Linux and Microsoft Windows.
- Understand Rule Action Options
Determine which of the five options is best for you: pass, log, alert, dynamic, or activate.
- Decide Which Rules to Enable
Identify key protocols and services that are used on your network and determine the level of granularity required for your evidentiary logs.
- Master stream4 and frag2 Preprocessors
Enhance Snort's original rule-based pattern-matching model with the stream4 and frag2 preprocessors.
- Configure Unified Logs
Use unified logs to significantly increase the efficiency of the Snort sensor and free up your Snort engine.
- Manage Output Plug-Ins
Install, configure, and use Swatch, ACID, SnortSnarf, IDSCenter, and other plug-ins to monitor log files.
- Watch for Rules Updates
Use oinkmaster, a semi-automated tool, to download and compare new rulesets with old ones.
- Install and Configure Barnyard
Run Barnyard in one of three modes of operation: one-shot mode, continual mode, or continual with checkpoint mode.
- Register for Your 1 Year Upgrade
The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!