Caster - X ™’s blog

ISBN-13: 978-1-9318-3604-3
ISBN: 1-9318-3604-3
Number Of Pages: 751
Publication Date: May 2004
Publisher: Syngress
Author: Jay Beale

Called “the leader in the Snort IDS book arms race” by Richard Bejtlich, top Amazon reviewer, this brand-new edition of the best-selling Snort book covers all the latest features of a major upgrade to the product and includes a bonus DVD with Snort 2.1 and other utilities. Written by the same lead engineers of the Snort Development team, this will be the first book available on the major upgrade from Snort 2 to Snort 2.1 (in this community, major upgrades are noted by .x and not by full number upgrades as in 2.0 to 3.0). You will be given invaluable insight into the code base of Snort, and in depth tutorials of complex installation, configuration, and troubleshooting scenarios. Snort has three primary uses: as a straight packet sniffer, a packet logger, or as a full-blown network intrusion detection system. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes. Snort uses a flexible rules language to describe traffic that it should collect or pass, a detection engine that utilizes a modular plug-in architecture, and a real-time alerting capability.

Continue reading “Snort 2.1 Intrusion Detection, Second Edition”

ISBN-13: 978-1-59749-020-7
ISBN: 1-59749-020-2
Number Of Pages: 400
Publication Date: Aug 2005
Publisher: Elsevier
Author: Brian Caswell, Jay Beale, Gilbert Ramirez and Noam Rathaus

his book will cover customizing Snort to perform intrusion detection and prevention; Nessus to analyze the network layer for vulnerabilities; and Ethereal to ?sniff? their network for malicious or unusual traffic. The book will also contain an appendix detailing ?the best of the rest? open source security tools. Each of these tools is intentionally designed to be highly customizable so that users can torque the programs to suit their particular needs. Users can code their own custom rules, plug-ins, and filters that are tailor-made to fit their own networks and the threats which they most commonly face. The book describes the most important concepts of coding and customizing tools, and then provides readers with invaluable working scripts that can either be used as is or further refined by using knowledge gained from the book.

Continue reading “Nessus, Snort, and Ethereal Power Tools - Customizing Open Source Security Applications”