Snort mailing list archives

Re: [Snort-Users] new to snort and intrusion detection

From: Michael Boman <michael.boman () securecirt com>
Date: 09 May 2003 12:53:08 +0800

On Fri, 2003-05-09 at 01:47, Jonathan Jesse wrote:

What I’m looking for is some help on how to learn how to use snort to
its fullest, any sources/documentation to the best use out of it?


Using snort and doing intrusion detection is two different beasts that
works hand-in-hand. Below I list some good books that can help you along
the way:

Network Intrusion Detection: An Analyst's Handbook
Stephen Northcutt, Donald McLachlan, Judy Novak
New Riders Publishing; ISBN: 0735710082

Intrusion Signatures and Analysis
Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick
New Riders Publishing; ISBN: 0735710635

Incident Response: Investigating Computer Crime
Chris Prosise, Kevin Mandia
McGraw-Hill Professional Publishing; ISBN: 0072131829

Snort Intrusion Detection 2.0
Ryan Russell
Syngress Media Inc, ISBN: 1931836744

The Protocols (TCP/IP Illustrated, Volume 1)
W. Richard Stevens
Addison-Wesley Pub Co, ISBN: 0201633469


To test yourself you can also try:

Hacker's Challenge : Test Your Incident Response Skills Using 20
Scenarios
Mike Schiffman
McGraw-Hill Osborne Media, ISBN: 0072193840

Hacker's Challenge 2: Test Your Network Security & Forensic Skills
Mike Schiffman, Bill Pennington, David Pollino, Adam J. O'Donnell
McGraw-Hill Osborne Media, ISBN: 0072226307


Best regards
 Michael Boman

-- 
Michael Boman
Security Architect, SecureCiRT Pte Ltd
http://www.securecirt.com

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

[Snort-Users] new to snort and intrusion detection Jonathan Jesse (May 08)
- Re: [Snort-Users] new to snort and intrusion detection Michael Boman (May 08)
- <Possible follow-ups>
- RE: [Snort-Users] new to snort and intrusion detection L. Christopher Luther (May 08)
- RE: [Snort-Users] new to snort and intrusion detection Cloppert, Michael (May 09)