IDS mailing list archives
Re: Can anyone recommend a good book?
From: belka () att net
Date: Wed, 05 Nov 2003 03:51:28 +0000
Try Snort 2.0, Intrusion Detection, by Brian Caswell, Jay Beale, James C. Foster, and Jeffrey Posluns. You can get it from Amazon.com. The book is about the Snort IDS, and not IDS in general. But, it walks your throuh how IDS work, how Snort works, how to set up Snort, Snor reporting tools, web-based reports using ACID, etc. By the time you finish the book, you will know all about Snort -- but better still, all teh information is transferrable in general terms to Cisco, Symantec or any other IDS. The features may vary, but in principle, IDS all work the same. Perhaps teh best part of the Snort book is all the files are on the CD and Snort is free (Snort.org) and runs on Linux (also free). If you wanted a lab to test an IDS, you can't even touch a commercial IDS, even a used one on eBay, for less than a thousand dollars. For the price of the book, an old computer and Linux, you have all you need to learn about IDS. Set up a Snort box and put it on your DSL connection. You will get to see all the attacks in the world. That's the way to learn how-to for IDS. -- Rob Frazier www.xakephet.com 915-695-7238 817-271-7557
I'm looking for a book on IDS. One that is at a beginner to intermediate level. This is to be used as training material in a classroom environment so a book that is put together in a way that it could easily be adapted to a classroom learning environment would be great. Lastly, a book that has hands-on structured labs on using IDS tools and implementing IDS solutions. Does such a book exist? Thanks, David Jackson, GSEC
--------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_focus-ids_031023 and use priority code SF4. ---------------------------------------------------------------------------
Current thread:
- Can anyone recommend a good book? David J. Jackson (Nov 04)
- Re: Can anyone recommend a good book? Mike Coliton (Nov 05)
- Re: Can anyone recommend a good book? Jason Boykin (Nov 05)
- Re: Can anyone recommend a good book? Joe Bowling (Nov 05)
- Re: Can anyone recommend a good book? Patrick L. Knight (Nov 05)
- Re: Can anyone recommend a good book? Brett Hutley (Nov 05)
- Re: Can anyone recommend a good book? Byron Sonne (Nov 05)
- Re: Can anyone recommend a good book? Stephen Person (Nov 05)
- <Possible follow-ups>
- RE: Can anyone recommend a good book? Bohling James CONT JBC (Nov 05)
- Re: Can anyone recommend a good book? belka (Nov 05)
- Re: Can anyone recommend a good book? Richard Bejtlich (Nov 05)
- RE: Can anyone recommend a good book? David J. Jackson (Nov 06)
- Re: Can anyone recommend a good book? Get Safe (Nov 07)