Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID


Protect your network with Snort: the high-performance, open source IDS

Snort gives network administrators an open source intrusion detection system that outperforms proprietary alternatives. Now, Rafeeq Ur Rehman explains and simplifies every aspect of deploying and managing Snort in your network. You'll discover how to monitor all your network traffic in real time; update Snort to reflect new security threats; automate and analyze Snort alerts; and more. Best of all, Rehman's custom scripts integrate Snort with Apache, MySQL, PHP, and ACID, so you can build and optimize a complete IDS solution more quickly than ever before.

  • An expert introduction to intrusion detection and the role of Snort
  • Writing and updating Snort rules to reflect the latest attacks and exploits
  • Contains detailed coverage of Snort plug-ins, preprocessors, and output modules
  • Logging alerts to a MySQL database
  • Using ACID to search, process, and analyze security alerts
  • Using SnortSnarf to analyze Snort log files
  • XML support for Snort via the Simple Network Markup Language (SNML)

FTP Site

The accompanying ftp site contains all the software, scripts, and rules you need to get started with Snort.

About the Open Source Series

Bruce Perens' Open Source Series is a definitive series of Linux and Open Source books by the world's leading Linux software developers. Bruce Perens is the primary author of The Open Source Definition, the formative document of the open source movement, and the former Debian GNU/Linux Project Leader. The text of this book is Open Source licensed.

Customer Reviews

16 of 19 people found the following review helpful
3.0 out of 5 stars Weakest of the Snort books published thus far, July 15, 2003
By Richard Bejtlich "TaoSecurity" (Metro Washington, DC)
This review is from: Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID (Paperback)
"Intrusion Detection with Snort: Advanced IDS, etc." (IDWS) was the second of this year's intrusion detection books I've reviewed. The first was Tim Crothers' "Implementing Intrusion Detection Systems" (4 stars). I was disappointed by IDWS, since I have a high opinion of Prentice Hall and the new "Bruce Perens' Open Source Series." (I'm looking forward to the book on CIFS, for example.) IDWS read poorly and doesn't deliver as much useful content as the competing Syngress book "Snort 2.0."

The most difficult aspect of reading IDWS is the author's grammar, particularly his avoidance of using definitive articles like "the", and other important words. For instance, p. 3 says "Apache web server takes help from ACID, etc." p. 133 claims "However, if you are using HTTP decode preprocessor, this attempt can detected." Beyond grammar, the author demonstrates weak knowledge of the IDS field, stating on p. 1 "Intrusion detection methods starting appearing in the last few...

5 of 6 people found the following review helpful
4.0 out of 5 stars Good IDS|Snort book, August 13, 2003
By Karel M Baloun (San Francisco, CA United States)
This book is an effective introduction to Intruder Detection, demonstrating how popular open-source tools can be used. I found the code samples, table, diagrams and screenshots to be clear and useful. I learned what I'd hoped to learn and feel empowered to set up an IDS myself. Plenty of links and resources when I want to learn more.

I read a few of the other reviews here after I read the book... especially Richard B's. I noticed some of the same technical mistakes, but don't feel that they are a big deal. As a sr. software engineer and technical editor, I always read critically, just mentally note them and continue. They aren't the kind of mistakes that make the code useless, or would confuse/mislead any level of reader. Another editing pass would help most books, and none of the grammar mistakes annoy me - I read to learn what I can and move on, not to nitpick or get annoyed.

As far as 1.9 vs. 2.0, I've looked at the snort site and agree that the release is...


11 of 15 people found the following review helpful
2.0 out of 5 stars Not enough detail, and not up to date, May 27, 2003
This is the first book that I read on Snort, and I wish I had gone with something else. This book really reads like more of an overview of intrusion detection and Snort, rather than a useful reference for actually using Snort. This would be fine if the title did NOT include the words "Advanced" or "Techniques," because there is not a lot of either in this book. It also doesn't help that it's not written to the latest release. If you want to understand intrusion detection a little better and you are considering trying Snort, then this book is fine. If you want or need more, this just isn't the book.
Online Sample Chapter

Working with Snort Rules

Table of Contents

1. Introduction to Intrusion Detection and Snort.

What is Intrusion Detection? IDS Policy. Components of Snort. Dealing with Switches. TCP Stream Follow Up. Supported Platforms. How to Protect IDS Itself. References.

2. Installing Snort and Getting Started.

Snort Installation Scenarios. Installing Snort. Running Snort on Multiple Network Interfaces. Snort Command Line Options. Step-By-Step Procedure to Compile and Install Snort From Source Code. Location of Snort Files. Snort Modes. Snort Alert Modes. Running Snort in Stealth Mode. References.

3. Working with Snort Rules.

TCP/IP Network Layers. The First Bad Rule. CIDR. Structure of a Rule. Rule Headers. Rule Options. The Snort Configuration File. Order of Rules Based upon Action. Automatically Updating Snort Rules. Default Snort Rules and Classes. Sample Default Rules. Writing Good Rules. References.

4. Plugins, Preprocessors and Output Modules.

Preprocessors. Output Modules. Using BPF Filters. References.

5. Using Snort with MySQL.

Making Snort Work with MySQL. Secure Logging to Remote Databases Securely Using Stunnel. Snort Database Maintenance. References.

6. Using ACID and SnortSnarf with Snort.

What is ACID? Installation and Configuration. Using ACID. SnortSnarf. Barnyard. References.

7. Miscellaneous Tools.

SnortSam. IDS Policy Manager. Securing the ACID Web Console. Easy IDS. References.

Appendix A: Introduction to tcpdump.

Appendix B: Getting Started with MySQL.

Appendix C: Packet Header Formats.

Appendix D: Glossary.

Appendix E: SNML DTD.

Index.

Book  $44.99  $35.99

Available on demand.

This book includes free shipping and is available on demand.

Purchase Reward: One Month Free Subscription
By completing any purchase on InformIT, you become eligible for an unlimited access one-month subscription to Safari Books Online.

Get access to thousands of books and training videos about technology, professional development and digital media from more than 40 leading publishers, including Addison-Wesley, Prentice Hall, Cisco Press, IBM Press, O'Reilly Media, Wrox, Apress, and many more. If you continue your subscription after your 30-day trial, you can receive 30% off a monthly subscription to the Safari Library for up to 12 months. That's a total savings of $199.