A guide to the Snort version 2.6. It offers coverage ranging from packet inspection to optimizing Snort for speed to using the advanced features of Snort to defend even the largest and most congested enterprise networks.
The Barnes & Noble ReviewWhy spend thousands of dollars on a commercial IDS when there s Snort? Now Snort.org webmaster Brian Caswell shows how to make the most of it -- including the latest 2.1 upgrades. Caswell covers the entire Snort planning, deployment, and management lifecycle. Integrating Snort into your security architecture. Using it as a packet sniffer and packet logger for network traffic debugging. Using and updating rules. Using Barnyard to manage Snort s output. Analyzing intrusions. Evaluating (and possibly implementing) active response. A nice touch: notes from the underground that reveal how crackers attack IDS systems, and what you can do about it. Snort 2.1.2 s on CD-ROM, plus several complementary tools. You could download those. But you re unlikely to find Caswell s depth of knowledge anywhere else. Bill CamardaBill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.