Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-users] Snort Tool Evaluation

from [M Shirk] Network Security [Permanent Link]
Subject: Re: [Snort-users] Snort Tool Evaluation
Date: Wed, 29 Sep 2004 07:57:41 -0400
I too own the Snort 2.0 book, and I would ask Brian Caswell if there are plans for a 2.2 or a 2.3 book?

There are differences between 2.0 and 2.1, but not enough to get the 2.1 book. However, I could be enticed to get the 2.3 with all of the updated rule options

When I had a question about newer options in Snort 2.1 I was told to:
RTFM at http://www.snort.org

I was delighted to see that the snort manual had the latest rule options.

The information at http://www.snort.org is enough to get a sensor up and running in no time
(and of course if you can not follow Patrick Harpers guides, then you should consider a new career in basket weaving).

Shirkdog

From: Dirk Geschke <Dirk_Geschke@genua.de>
To: Ty Bodell <tebodell@gmail.com>
CC: Jo <g01j2027@campus.ru.ac.za>, snort-users@lists.sourceforge.net
Subject: Re: [Snort-users] Snort Tool Evaluation
Date: Tue, 28 Sep 2004 21:06:38 +0200

Hi Ty,

> Checkout the book "Managing Security with Snort and IDS Tools".  It's
> an Oreilly book and it goes over a good amount of the tools designed
> for snort.  From preprocessors to Web interfaces and Consoles, what
> works with High Bandwidth deployments, etc.  I don't believe it covers
> OpenAanval though.  You can extract the pro's and cons from there.

did you read this book? I just did this and it is by far the uggliest
book I have seen either by O'Reilly or covering snort.

If you read the documentation which comes with snort you will get
better informations than this book will give you.

If you are looking for a good book then take

Snort 2.1 Intrusion Detection, Second Edition ISBN 1-931836-04-3
by Brian Caswell and Jay Beale

(Ok, I didn't read this book but the first edition covering snort-2.0
and this book was quite useful. So I expect the second edition will be too.)

Best regards

Dirk

PS: There are more books on snort available but I read this two books.
So I can't say anything to the other ones. They might be good or not but
the O'Reilly book is definitively not useful.


-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

_________________________________________________________________
On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement



-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Snort-users] Port scan not being logged? at 0 %?, M Shirk
Next by Date:  Re: [Snort-users] (no subject), Martin Roesch
Previous by Thread:  RE: [Snort-users] Snort Tool Evaluation, Harper, Patrick
Next by Thread:  [Snort-users] Suppress OVERSIZE REQUEST-URI DIRECTORY alerts not working?, Aaron Giuoco
Indexes:  [Date] [Thread] [Top] [All Lists]