Home > Store

Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID

Register your product to gain access to bonus material or receive a coupon.

Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID


  • Sorry, this book is no longer in print.
Not for Sale


  • Copyright 2003
  • Dimensions: 7" x 9-1/4"
  • Edition: 1st
  • Book
  • ISBN-10: 0-13-140733-3
  • ISBN-13: 978-0-13-140733-6

Network security has become an important part of corporate IT strategy and safeguarding all the nooks and crannies of your network can be timely and expensive. This book provides information about how to use free Open Source tools to build and manage an Intrusion Detection System. Rehman provides detailed information about using SNORT as an IDS and using Apache, MySQL, PHP and ACID to analyze intrusion data. The book contains custom scripts, real-life examples for SNORT, and to-the-point information about installing SNORT IDS so readers can build and run their sophisticated intrusion detection systems.SNORT is your network's packet sniffer that monitors network traffic in real time, scrutinizing each packet closely to detect a dangerous payload or suspicious anomalies.NSS Group, a European network security testing organization, tested SNORT along with intrusion detection system (IDS) products from 15 major vendors including Cisco, Computer Associates, and Symantec. According to NSS, SNORT, which was the sole Open Source freeware product tested, clearly outperformed the proprietary products.Part of the Bruce Perens' Open Source Series



Download Intrusion Detection with SNORT in PDF



To facilitate your exploration of Snort, we are providing links to the online resources listed in the reference section at the end of each chapter.

Chapter 1 Introduction to Intrusion Detection and Snort

Chapter 2 Installing Snort and Getting Started

Chapter 3 Working with Snort Rules

Chapter 4 Plugins, Preprocessors and Output Modules

Chapter 5 Using Snort with MySQL

Chapter 6 Using ACID and SnortSnarf with Snort

Chapter 7 Miscellaneous Tools

Sample Content

Online Sample Chapter

Working with Snort Rules

Downloadable Sample Chapter

Download the Sample Chapter related to this title.

Table of Contents

1. Introduction to Intrusion Detection and Snort.

What is Intrusion Detection? IDS Policy. Components of Snort. Dealing with Switches. TCP Stream Follow Up. Supported Platforms. How to Protect IDS Itself. References.

2. Installing Snort and Getting Started.

Snort Installation Scenarios. Installing Snort. Running Snort on Multiple Network Interfaces. Snort Command Line Options. Step-By-Step Procedure to Compile and Install Snort From Source Code. Location of Snort Files. Snort Modes. Snort Alert Modes. Running Snort in Stealth Mode. References.

3. Working with Snort Rules.

TCP/IP Network Layers. The First Bad Rule. CIDR. Structure of a Rule. Rule Headers. Rule Options. The Snort Configuration File. Order of Rules Based upon Action. Automatically Updating Snort Rules. Default Snort Rules and Classes. Sample Default Rules. Writing Good Rules. References.

4. Plugins, Preprocessors and Output Modules.

Preprocessors. Output Modules. Using BPF Fileters. References.

5. Using Snort with MySQL.

Making Snort Work with MySQL. Secure Logging to Remote Databases Securely Using Stunnel. Snort Database Maintenance. References.

6. Using ACID and SnortSnarf with Snort.

What is ACID? Installation and Configuration. Using ACID. SnortSnarf. Barnyard. References.

7. Miscellaneous Tools.

SnortSam. IDS Policy Manager. Securing the ACID Web Console. Easy IDS. References.

Appendix A: Introduction to tcpdump.

Appendix B: Getting Started with MySQL.

Appendix C: Packet Header Formats.

Appendix D: Glossary.

Appendix E: SNML DTD.



Download the Index file related to this title.


Submit Errata

More Information

Unlimited one-month access with your purchase
Free Safari Membership