Called "the leader in the Snort IDS book arms race" by Richard Bejtlich, top Amazon reviewer, this brand-new edition of the best-selling Snort book covers all the latest features of a major upgrade to the product and includes a bonus DVD with Snort 2.1 and other utilities. Written by the same lead engineers of the Snort Development team, this will be the first book available on the major upgrade from Snort 2 to Snort 2.1 (in this community, major upgrades are noted by .x and not by full number upgrades as in 2.0 to 3.0). You will be given invaluable insight into the code base of Snort, and in depth tutorials of complex installation, configuration, and troubleshooting scenarios. Snort has three primary uses: as a straight packet sniffer, a packet logger, or as a full-blown network intrusion detection system. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes. Snort uses a flexible rules language to describe traffic that it should collect or pass, a detection engine that utilizes a modular plug-in architecture, and a real-time alerting capability. A CD containing the latest version of Snort as well as other up-to-date Open Source security utilities will accompany the book.

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 11 Ratings

Jay gets the job done - 2005-02-28
Reviewer Rating:
this is a great book on snort!!!!

Very, very valuable

I never got the book. - 2009-04-20
Reviewer Rating:
It took 5 weeks to find out the vendor didn't even have a copy of it in stock.

Snort 2.1 - 2006-02-23
Reviewer Rating:
The information in this book was invalueable but sometimes it was hard to follow because it was poorly written

Good introductionto Snort - 2005-11-28
Reviewer Rating:
Snort 2.1 Intrusion Detection (2nd Edition) is useful as a general introduction to intrusion detection and Snort. If you already have a good understanding of IDS technology you may find the IDS discussion to be a bit general in nature. For someone who only wants to review the basic IDS principals quickly and without a great deal of extra detail the IDS coverage in this book is sufficient. Much of the information on Snort felt like a retelling of Snort Users Manual from the Snort web site. Part of this feeling may be due to the fact that members of the Snort development team who undoubtedly had a hand in the user's manual wrote this book. This book does go into more detail on some subjects than the Snort Users Manual. There is a good step by step set of instructions for installing Snort and associated software on either a Windows or a Linux system. Overall this book seems to be a pretty good overview of Snort for someone looking to use only one resource, but I do not see anything that is not also available in other documentation available.

Snort is moving fast - 2005-03-08
Reviewer Rating:
At the time of this review, the latest version of Snort is 2.3. However, the newest books(about two out there) on Snort, including this one, only covers up to version 2.1. And according to the Product Description, "in this community, major upgrades are noted by .x and not by full number upgrades as in 2.0 to 3.0". This pretty much means that this book is already out-dated, and it's printed in 2004, less than a year ago. This reminds me of when Linux was starting to get popular. Red Hat Linux went from version 6.2 to version 9.0 in just two years. Not to mention there are tons of books supposely dedicated to all those versions of Linux in the short two year period. Linux saved businesses a lot of money, and provided stability that MS Windows counterpart didn't. Snort will eventually replace or be at the same level as the current commercial Intrusion Detection Systems(IDS).
I think this time the publishers are smarter, and recognized the pattern from their Linux frenzy publishing experience, lol. The old Linux books litter the thousands of bookstore shelves with nobody buying, lol. That's why at the moment there are very few books on Snort.

Browse Similar Topics

Top Level Categories:
Business
Networking

Sub-Categories:
Business > Hacking
Networking > Security