Tuesday, December 18, 2007

Snort 2.1 Intrusion Detection (2nd Edition)

Written by lead engineers of the Snort development team, this will be the first book available on the major upgrade from Snort 2 to Snort 2.1 (in this community, major upgrades are marked by a .x increment rather than a full version number change such as 2.0 to 3.0). Readers will be given invaluable insight into the Snort code base, along with in-depth tutorials on complex installation, configuration, and troubleshooting scenarios. Snort has three primary uses: as a straight packet sniffer, as a packet logger, or as a full-blown network intrusion detection system. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes. Snort uses a flexible rules language to describe the traffic it should collect or pass, a detection engine built on a modular plug-in architecture, and a real-time alerting capability.

Publisher: Syngress (2004)
Language: English
Format: PDF

Contents:

  1. Intrusion Detection Systems
  2. Introducing Snort 2.1
  3. Installing Snort
  4. Inner Workings
  5. Playing by the Rules
  6. Preprocessors
  7. Implementing Snort Output Plug-Ins
  8. Dealing with the Data
  9. Keeping Everything Up to Date
  10. Optimizing Snort
  11. Mucking Around with Barnyard
  12. Active Response
  13. Advanced Snort
