Written by the same lead engineers of the Snort Development team, this will be the first book available on the major upgrade from Snort 2 to Snort 2.1 (in this community, major upgrades are noted by .x and not by full number upgrades as in 2.0 to 3.0). Readers will be given invaluable insight into the code base of Snort, and in depth tutorials of complex installation, configuration, and troubleshooting scenarios. Snort has three primary uses: as a straight packet sniffer, a packet logger, or as a full-blown network intrusion detection system. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes. Snort uses a flexible rules language to describe traffic that it should collect or pass, a detection engine that utilizes a modular plug-in architecture, and a real-time alerting capability.
Edición: Syngress (2004)
Idioma: Inglés
Formato: PDF
Contenido:
- Intrusion Detection Systems
- Introducing Snort 2.1
- Installing Snort
- Inner Workings
- Playing by the Rules
- Preprocessors
- Implementing Snort Output Plug-Ins
- Dealing with the Data
- Keeping Everything Up to Date
- Optimizing Snort
- Mucking Around with Barnyard
- Active Response
- Advanced Snort
Descarga/Download
No hay comentarios:
Publicar un comentario