Protect your network with Snort: the high-performance, open source IDS
Snort gives network administrators an open source intrusion detection system that outperforms proprietary alternatives. Now, Rafeeq Ur Rehman explains and simplifies every aspect of deploying and managing Snort in your network. You'll discover how to monitor all your network traffic in real time; update Snort to reflect new security threats; automate and analyze Snort alerts; and more. Best of all, Rehman's custom scripts integrate Snort with Apache, MySQL, PHP, and ACID-so you can build and optimize a complete IDS solution more quickly than ever before.
The accompanying ftp site contains all the software, scripts, and rules you need to get started with Snort.About the Open Source Series
Bruce Perens' Open Source Series is a definitive series of Linux and Open Source books by the world's leading Linux software developers. Bruce Perens is the primary author of The Open Source Definition, the formative document of the open source movement, and the former Debian GNU/Linux Project Leader. The text of this book is Open Source licensed
Download the Sample Chapter related to this title.
1. Introduction to Intrusion Detection and Snort.
What is Intrusion Detection? IDS Policy. Components of Snort. Dealing with Switches. TCP Stream Follow Up. Supported Platforms. How to Protect IDS Itself. References.
Snort Installation Scenarios. Installing Snort. Running Snort on Multiple Network Interfaces. Snort Command Line Options. Step-By-Step Procedure to Compile and Install Snort From Source Code. Location of Snort Files. Snort Modes. Snort Alert Modes. Running Snort in Stealth Mode. References.
TCP/IP Network Layers. The First Bad Rule. CIDR. Structure of a Rule. Rule Headers. Rule Options. The Snort Configuration File. Order of Rules Based upon Action. Automatically Updating Snort Rules. Default Snort Rules and Classes. Sample Default Rules. Writing Good Rules. References.
Preprocessors. Output Modules. Using BPF Fileters. References.
Making Snort Work with MySQL. Secure Logging to Remote Databases Securely Using Stunnel. Snort Database Maintenance. References.
What is ACID? Installation and Configuration. Using ACID. SnortSnarf. Barnyard. References.
SnortSam. IDS Policy Manager. Securing the ACID Web Console. Easy IDS. References.
Download the Index
file related to this title.