Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-users] Snort Tool Evaluation

from [Ty Bodell] Network Security [Permanent Link]
Subject: Re: [Snort-users] Snort Tool Evaluation
Date: Wed, 29 Sep 2004 01:07:56 -0500 
Mr. Geschke--
I did read this book actually, and I'm not proclaiming it's a bible or
anything.  In fact, it's little more than a tool reference, listing
switches to the tools and options in the interfaces for third party
tools related to snort.  But, it does cover a majority of the tools
and this was why I was suggesting this to Jo.  To get a handle on the
tools mentioned in this book related to snort and extract pro's and
con's for using each one.

I also did read Snort 2.1 Intrustion Detection Second Edition Upgrade
and yes, I must concurr with and second your opinion.  There is no
better reference or doc that covers snort in all the ways that an
admin needs to know.

Best,
Ty Bodell


On Tue, 28 Sep 2004 21:06:38 +0200, Dirk Geschke <dirk_geschke@genua.de> wrote:

Hi Ty,


Checkout the book "Managing Security with Snort and IDS Tools".  It's
an Oreilly book and it goes over a good amount of the tools designed
for snort.  From preprocessors to Web interfaces and Consoles, what
works with High Bandwidth deployments, etc.  I don't believe it covers
OpenAanval though.  You can extract the pro's and cons from there.


did you read this book? I just did this and it is by far the uggliest
book I have seen either by O'Reilly or covering snort.

If you read the documentation which comes with snort you will get
better informations than this book will give you.

If you are looking for a good book then take

Snort 2.1 Intrusion Detection, Second Edition ISBN 1-931836-04-3
by Brian Caswell and Jay Beale

(Ok, I didn't read this book but the first edition covering snort-2.0
and this book was quite useful. So I expect the second edition will be too.)

Best regards

Dirk

PS: There are more books on snort available but I read this two books.
So I can't say anything to the other ones. They might be good or not but
the O'Reilly book is definitively not useful.




-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Snort-users] confuse with alerts file, maku bex
Next by Date:  [Snort-users] (no subject), Peter Osterberg
Previous by Thread:  Re: [Snort-users] Snort Tool Evaluation, Dirk Geschke
Next by Thread:  Re: [Snort-users] Snort Tool Evaluation, Dirk Geschke
Indexes:  [Date] [Thread] [Top] [All Lists]