This book is for system and network administrators who are concerned about attacks against their computer systems. It is also ideal for information security professionals who would like to add Snort to their line of defenses. This book assumes the reader has a basic knowledge of Internet services (such as Web, e-mail, and FTP) and knows how to install software on their computer systems. No previous experience with Snort or knowledge of intrusion detection is required.
Contents
Introduction.
Part I: Getting to Know Snort and Intrusion Detection.
Chapter 1: Looking Up Snort’s Nose.
Chapter 2: Fitting In Snort.
Chapter 3: Readying Your Preflight Checklist.
Chapter 4: Makin’ Bacon: Installing Snort for Linux.
Chapter 5: Installing Snort and MySQL for Windows.
Part II: Administering Your Snort Box.
Chapter 6: Snorting Through Logs and Alerts.
Chapter 7: Adding Visuals and Getting Reports.
Chapter 8: Making Your Own Rules.
Chapter 9: What, Me Worry?
Chapter 10: Dealing with the Real Thing.
Part III: Moving Beyond the Basics.
Chapter 11: Reacting in Real Time.
Chapter 12: Keeping Snort Up to Date.
Chapter 13: Filling Your Farm with Pigs.
Chapter 14: Using the Barnyard Output Tool.
Part IV: The Part of Tens.
Chapter 15: Ten Cool Tools for Snort.
Chapter 16: Ten Snort Information Resources.
Appendix A: What’s On the CD-ROM.
Index.
Charlie Scott (Austin, TX) is an information security analyst for the city of Austin, where he helps maintain the city's network security infrastructure and analyzes intrusion detection data.
Paul Wolfe (Austin, TX) is a security consultant and author, specializing in open source security tools. Paul performs risk analysis for Fortune 500 companies, law enforcement, and government.
Bert Hayes is a Security Technical Analyst for the State of Texas, where he maintains network security for a medium-sized agency. He has long been a proponent of open source solutions, and is a Red Hat Certified Engineer (RHCE).