Snort Cookbook

4 valoración promedio
( 4 valoraciones por GoodReads )
 
9780596007911: Snort Cookbook
From the Publisher:

If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential--but often overwhelming--challenge. Snort, the defacto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP network. It can perform protocol analysis, content searching, and matching. Snort can save countless headaches; the new Snort Cookbook will save countless hours of sifting through dubious online advice or wordy tutorials in order to leverage the full power of SNORT.Each recipe in the popular and practical problem-solution-discussion O'Reilly cookbook format contains a clear and thorough description of the problem, a concise but complete discussion of a solution, and real-world examples that illustrate that solution. The Snort Cookbook covers important issues that sys admins and security pros will us everyday, such as:

  • installation
  • optimization
  • logging
  • alerting
  • rules and signatures
  • detecting viruses
  • countermeasures
  • detecting common attacks
  • administration
  • honeypots
  • log analysis
But the Snort Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. Those who learn best in the trenches--and don't have the hours to spare to pore over tutorials or troll online for best-practice snippets of advice--will find that the solutions offered in this ultimate Snort sourcebook not only solve immediate problems quickly, but also showcase the best tips and tricks they need to master be security gurus--and still have a life.

About the Author:

Angela Orebaugh is an information security technologist, scientist, and author with a broad spectrum of expertise in information assurance. She synergizes her 15 years of hands-on experiences within industry, academia, and government to advise clients on information assurance strategy, management, and technologies.

Ms. Orebaugh is involved in several security initiatives with the National Institute of Standards and Technology (NIST), including technical Special Publications (800 series), the National Vulnerability Database (NVD), Security Content Automation Protocol (SCAP) project, and secure eVoting.

Ms. Orebaugh is an Adjunct Professor for George Mason University where she performs research and teaching in intrusion detection and forensics. She developed and teaches the Intrusion Detection curriculum, a core requirement for the Forensics program in the Department of Electrical and Computer Engineering. Her current research interests include peer-reviewed publications in the areas of intrusion detection and prevention, data mining, attacker profiling, user behavior analysis, and network forensics.

Ms. Orebaugh is the author of the Syngress best seller's Nmap in the Enterprise, Wireshark and Ethereal Network Protocol Analyzer Toolkit, and Ethereal Packet Sniffing. She has also co-authored the Snort Cookbook, Intrusion Prevention and Active Response, and How to Cheat at Configuring Open Source Security Tools. Angela is a frequent speaker at a variety of security conferences and technology events, including the SANS Institute and The Institute for Applied Network Security.

Ms. Orebaugh holds a Masters degree in Computer Science and a Bachelors degree in Computer Information Systems from James Madison University. She is currently completing her dissertation for her Ph.D. at George Mason University, with a concentration in Information Security.

Simon Biles is currently Director of Thinking Security Ltd. an Information Security Consultancy based near Oxford in the UK. The company deals with all aspects of InfoSec from Incident Response and Forensics through to ISO 27001 work. He is currently studying for his MSc in Forensic Computing at Shrivenham with Cranfield University. He holds a CISSP, is Certified as an ISO17799 Lead Auditor, is a Chartered IT Professional with the British Computer Society and is also a member of F3 - the UK's First Forensic Forum. Currently he is involved in a project to define and support best practices in Forensics - you can find out more about this at the Open Forensics Group.

Jake Babbin works as a contractor with a government agency filling the role of Intrusion Detection Team Lead. He has worked in both private industry as a security professional and in government space in a variety of IT security roles. He is a speaker at several IT security conferences and is a frequent assistant in SANS Security Essentials Bootcamp, Incident Handling and Forensics courses. Jake lives in Virginia.

"Sobre este título" puede pertenecer a otra edición de este libro.

Los mejores resultados en AbeBooks

1.

Angela Orebaugh; Simon Biles; Jacob Babbin
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Paperback Cantidad: > 20
Impresión bajo demanda
Librería
BargainBookStores
(Grand Rapids, MI, Estados Unidos de America)
Valoración
[?]

Descripción Paperback. Estado de conservación: New. This item is printed on demand. Item doesn't include CD/DVD. Nº de ref. de la librería 975559

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 20,46
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,76
A Estados Unidos de America
Destinos, gastos y plazos de envío

2.

Angela Orebaugh; Simon Biles; Jacob Babbin
Editorial: O'Reilly Media
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos PAPERBACK Cantidad: > 20
Librería
Mediaoutlet12345
(Springfield, VA, Estados Unidos de America)
Valoración
[?]

Descripción O'Reilly Media. PAPERBACK. Estado de conservación: New. 0596007914 *BRAND NEW* Ships Same Day or Next!. Nº de ref. de la librería SWATI2122343118

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 22,58
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,76
A Estados Unidos de America
Destinos, gastos y plazos de envío

3.

Angela Orebaugh; Simon Biles; Jacob Babbin
Editorial: O Reilly Media, Inc, USA, United States (2005)
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Paperback Cantidad: 1
Librería
The Book Depository US
(London, Reino Unido)
Valoración
[?]

Descripción O Reilly Media, Inc, USA, United States, 2005. Paperback. Estado de conservación: New. 226 x 176 mm. Language: English . Brand New Book. If you are a network administrator, you re under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential - but often overwhelming - challenge. SNORT, the defacto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP network. It can perform protocol analysis, content searching, and matching. SNORT can save countless headaches; the new SNORT Cookbook will save countless hours of sifting through dubious online advice or wordy tutorials in order to leverage the full power of SNORT. Each recipe in the popular and practical problem-solution-discussion O Reilly cookbook format contains a clear and thorough description of the problem, a concise but complete discussion of a solution, and real-world examples that illustrate that solution. The SNORT Cookbook covers important issues that sys admins and security pros will us everyday, such as: - installation - optimization - logging - alerting - rules and signatures - detecting viruses - countermeasures - detecting common attacks - administration - honeypots - log analysis But the SNORT Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. Those who learn best in the trenches - and don t have the hours to spare to pore over tutorials or troll online for best-practice snippets of advice - will find that the solutions offered in this ultimate SNORT sourcebook not only solve immediate problems quickly, but also showcase the best tips and tricks they need to master be security gurus - and still have a life. Nº de ref. de la librería AAH9780596007911

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 26,46
Convertir moneda

Añadir al carrito

Gastos de envío: GRATIS
De Reino Unido a Estados Unidos de America
Destinos, gastos y plazos de envío

4.

Angela Orebaugh; Simon Biles; Jacob Babbin
Editorial: O'Reilly Media 2005-03-29 (2005)
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Paperback Cantidad: 1
Librería
Lost Books
(AUSTIN, TX, Estados Unidos de America)
Valoración
[?]

Descripción O'Reilly Media 2005-03-29, 2005. Paperback. Estado de conservación: New. 1. 0596007914. Nº de ref. de la librería 515889

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 22,85
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,76
A Estados Unidos de America
Destinos, gastos y plazos de envío

5.

Angela Orebaugh; Simon Biles; Jacob Babbin
Editorial: O Reilly Media, Inc, USA, United States (2005)
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Paperback Cantidad: 1
Librería
The Book Depository
(London, Reino Unido)
Valoración
[?]

Descripción O Reilly Media, Inc, USA, United States, 2005. Paperback. Estado de conservación: New. 226 x 176 mm. Language: English . Brand New Book. If you are a network administrator, you re under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential - but often overwhelming - challenge. SNORT, the defacto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP network. It can perform protocol analysis, content searching, and matching. SNORT can save countless headaches; the new SNORT Cookbook will save countless hours of sifting through dubious online advice or wordy tutorials in order to leverage the full power of SNORT. Each recipe in the popular and practical problem-solution-discussion O Reilly cookbook format contains a clear and thorough description of the problem, a concise but complete discussion of a solution, and real-world examples that illustrate that solution. The SNORT Cookbook covers important issues that sys admins and security pros will us everyday, such as: - installation - optimization - logging - alerting - rules and signatures - detecting viruses - countermeasures - detecting common attacks - administration - honeypots - log analysis But the SNORT Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. Those who learn best in the trenches - and don t have the hours to spare to pore over tutorials or troll online for best-practice snippets of advice - will find that the solutions offered in this ultimate SNORT sourcebook not only solve immediate problems quickly, but also showcase the best tips and tricks they need to master be security gurus - and still have a life. Nº de ref. de la librería AAH9780596007911

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 27,59
Convertir moneda

Añadir al carrito

Gastos de envío: GRATIS
De Reino Unido a Estados Unidos de America
Destinos, gastos y plazos de envío

6.

Angela Orebaugh; Simon Biles; Jacob Babbin
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Cantidad: 5
Librería
Chiron Media
(Wallingford, Reino Unido)
Valoración
[?]

Descripción Estado de conservación: New. Brand new book, sourced directly from publisher. Dispatch time is 24-48 hours from our warehouse. Book will be sent in robust, secure packaging to ensure it reaches you securely. Nº de ref. de la librería NU-ING-00311250

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 24,69
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,42
De Reino Unido a Estados Unidos de America
Destinos, gastos y plazos de envío

7.

Angela Orebaugh; Simon Biles; Jacob Babbin
Editorial: O'Reilly Media (2005)
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Paperback Cantidad: 1
Librería
Ergodebooks
(RICHMOND, TX, Estados Unidos de America)
Valoración
[?]

Descripción O'Reilly Media, 2005. Paperback. Estado de conservación: New. 1. Nº de ref. de la librería DADAX0596007914

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 26,92
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,76
A Estados Unidos de America
Destinos, gastos y plazos de envío

8.

Angela Orebaugh; Simon Biles; Jacob Babbin
Editorial: O'Reilly Media (2005)
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Tapa blanda Cantidad: 1
Librería
Book Deals
(Lewiston, NY, Estados Unidos de America)
Valoración
[?]

Descripción O'Reilly Media, 2005. Estado de conservación: New. Brand New, Unread Copy in Perfect Condition. A+ Customer Service! Summary: Preface 1. Installation and Optimization 1.1 Installing Snort from Source on Unix 1.2 Installing Snort Binaries on Linux 1.3 Installing Snort on Solaris 1.4 Installing Snort on Windows 1.5 Uninstalling Snort from Windows 1.6 Installing Snort on Mac OS X 1.7 Uninstalling Snort from Linux 1.8 Upgrading Snort on Linux 1.9 Monitoring Multiple Network Interfaces 1.10 Invisibly Tapping a Hub 1.11 Invisibly Sniffing Between Two Network Points 1.12 Invisibly Sniffing 100 MB Ethernet 1.13 Sniffing Gigabit Ethernet 1.14 Tapping a Wireless Network 1.15 Positioning Your IDS Sensors 1.16 Capturing and Viewing Packets 1.17 Logging Packets That Snort Captures 1.18 Running Snort to Detect Intrusions 1.19 Reading a Saved Capture File 1.20 Running Snort as a Linux Daemon 1.21 Running Snort as a Windows Service 1.22 Capturing Without Putting the Interface into Promiscuous Mode 1.23 Reloading Snort Settings 1.24 Debugging Snort Rules 1.25 Building a Distributed IDS (Plain Text) 1.26 Building a Distributed IDS (Encrypted) 2. Logging, Alerts, and Output Plug-ins 2.1 Logging to a File Quickly 2.2 Logging Only Alerts 2.3 Logging to a CSV File 2.4 Logging to a Specific File 2.5 Logging to Multiple Locations 2.6 Logging in Binary 2.7 Viewing Traffic While Logging 2.8 Logging Application Data 2.9 Logging to the Windows Event Viewer 2.10 Logging Alerts to a Database 2.11 Installing and Configuring MySQL 2.12 Configuring MySQL for Snort 2.13 Using PostgreSQL with Snort and ACID 2.14 Logging in PCAP Format (TCPDump) 2.15 Logging to Email 2.16 Logging to a Pager or Cell Phone 2.17 Optimizing Logging 2.18 Reading Unified Logged Data 2.19 Generating Real-Time Alerts 2.20 Ignoring Some Alerts 2.21 Logging to System Logfiles 2.22 Fast Logging 2.23 Logging to a Unix Socket 2.24 Not Logging 2.25 Prioritizing Alerts 2.26 Capturing Traffic from a Specific TCP Session 2.27 Killing a Specific Session 3. Rules and Signatures 3.1 How to Build Rules 3.2 Keeping the Rules Up to Date 3.3 Basic Rules You Shouldn''t Leave Home Without 3.4 Dynamic Rules 3.5 Detecting Binary Content 3.6 Detecting Malware 3.7 Detecting Viruses 3.8 Detecting IM 3.9 Detecting P2P 3.10 Detecting IDS Evasion 3.11 Countermeasures from Rules 3.12 Testing Rules 3.13 Optimizing Rules 3.14 Blocking Attacks in Real Time 3.15 Suppressing Rules 3.16 Thresholding Alerts 3.17 Excluding from Logging 3.18 Carrying Out Statistical Analysis 4. Preprocessing: An Introduction 4.1 Detecting Stateless Attacks and Stream Reassembly 4.2 Detecting Fragmentation Attacks and Fragment Reassemblywith Frag2 4.3 Detecting and Normalizing HTTP Traffic 4.4 Decoding Application Traffic 4.5 Detecting Port Scans and Talkative Hosts 4.6 Getting Performance Metrics 4.7 Experimental Preprocessors 4.8 Writing Your Own Preprocessor 5. Administrative Tools 5.1 Managing Snort Sensors 5.2 Installing and Configuring IDScenter 5.3 Installing and Configuring SnortCenter 5.4 Installing and Configuring Snortsnarf 5.5 Running Snortsnarf Automatically 5.6 Installing and Configuring ACID 5.7 Securing ACID 5.8 Installing and Configuring Swatch 5.9 Installing and Configuring Barnyard 5.10 Administering Snort with IDS Policy Manager 5.11 Integrating Snort with Webmin 5.12 Administering Snort with HenWen 5.13 Newbies Playing with Snort Using EagleX 6. Log Analysis 6.1 Generating Statistical Output from Snort Logs 6.2 Generating Statistical Output from Snort Databases 6.3 Performing Real-Time Data Analysis 6.4 Generating Text-Based Log Analysis 6.5 Creating HTML Log Analysis Output 6.6 Tools for Testing Signatures 6.7 Analyzing and Graphing Logs 6.8 Analyzing Sniffed (Pcap) Traffic 6.9 Writing Output Plug-ins 7. Miscellaneous Other Uses 7.1 Monitoring Network Performance 7.2 Logging Application Traffic 7.3 Recognizing HTTP Traffic on Unusual Ports 7.4 Creating a Reactive IDS 7.5 Monitoring a Network Using Policy-Based IDS 7.6 Port Knocking 7.7 Obfuscating IP Addresses 7.8 Pas. Nº de ref. de la librería ABE_book_new_0596007914

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 30,78
Convertir moneda

Añadir al carrito

Gastos de envío: GRATIS
A Estados Unidos de America
Destinos, gastos y plazos de envío

9.

Angela Orebaugh; Simon Biles; Jacob Babbin
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Paperback Cantidad: 1
Librería
Grand Eagle Retail
(Wilmington, DE, Estados Unidos de America)
Valoración
[?]

Descripción 2005. Paperback. Estado de conservación: New. 174mm x 18mm x 238mm. Paperback. If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SM.Shipping may be from multiple locations in the US or from the UK, depending on stock availability. 270 pages. 0.454. Nº de ref. de la librería 9780596007911

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 31,50
Convertir moneda

Añadir al carrito

Gastos de envío: GRATIS
A Estados Unidos de America
Destinos, gastos y plazos de envío

10.

Angela Orebaugh; Simon Biles; Jacob Babbin
Editorial: O'Reilly Media (2005)
ISBN 10: 0596007914 ISBN 13: 9780596007911
Nuevos Paperback Cantidad: 1
Librería
Irish Booksellers
(Rumford, ME, Estados Unidos de America)
Valoración
[?]

Descripción O'Reilly Media, 2005. Paperback. Estado de conservación: New. book. Nº de ref. de la librería 0596007914

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 34,99
Convertir moneda

Añadir al carrito

Gastos de envío: GRATIS
A Estados Unidos de America
Destinos, gastos y plazos de envío

Existen otras copia(s) de este libro

Ver todos los resultados de su búsqueda