Snort mailing list archives
Re: New user to Snort . . .
From: Noah Dietrich <noah_dietrich () 86penny org>
Date: Tue, 16 Oct 2018 16:50:50 +0200
Hello David,

I am the author of the Snort on Ubuntu guides available on the snort.org website, and I think you may want to consider looking over my guide. While it isn't for the Windows platform, I have specifically written it to teach the user not just how to set up Snort, but how to configure it and what certain flags and settings do, which should give you the knowledge to learn more on your own (rather than a guide that just tells you what to do, I tried to explain why you configure the settings and how they work).

My guide: Snort 3 on Ubuntu 14, 16, 17, 18 <https://snort.org/documents/snort-3-on-ubuntu-14-16-17-18>

I've read many of the books on Snort, and you are correct that none of them are very good. There was one book on Snort that is probably the best currently, but it is now very dated, and I'm not sure how helpful it is anymore: *Snort IDS and IPS Toolkit (Jay Beale's Open Source Security).*

Noah

On Tue, Oct 16, 2018 at 4:36 PM João Delgado via Snort-users <snort-users () lists snort org> wrote:
Hello David,

I would suggest starting with the guides here: https://snort.org/documents#OfficialDocumentation There is one for Windows as well as a bunch for different Linux distros.

Also, as far as documentation goes, in my opinion the Snort manual and the readme files you have in the documentation folder once you install Snort are the most complete source of documentation; even if you choose to buy a Snort book (have no suggestions here tbh), you might want to complement it with the manual.

Cheers and best of luck with your exam,

On Tue, Oct 16, 2018 at 3:13 PM David Adams JR via Snort-users <snort-users () lists snort org> wrote:

I am preparing for the CompTIA CyberSecurity Analyst+ exam and believe "hands on" is better than just text book memorizing. Which is what I have done (hands on) over the years by purchasing hardware and software to create myself a very helpful lab. I have eight switches, ten routers, six servers, W7, W10, WS2008, WS2012, and WS2016.

I have passed the CompTIA+ A+, Network+, Security+ and Server+ exams and also way back when, passed the Microsoft W95, W98, and the battery of exams required for the Microsoft Certified Systems Engineer certification for 4.0 . . . . just as Windows 2000 came out . . . . by then I was unemployed and unable to afford the books and test fees . . . . But eventually, I regained employment and resumed my self training.

So here I am "learning" about Snort . . . but only 'book knowledge'. So far my posts have resulted in links back to the Snort 'documents' which appear to be mostly links to forums and not the helpful PDFs I have come to find much more helpful.

I went to Amazon and googled "Snort" and there are several books to choose from. I read the reviews and most were not too encouraging.

So what I am looking for is some sort of step-by-step guide or instructions on how to set up Snort on a Windows 2008 or 2012 server and how to test it to see if it really works.

I THINK that involves installing an Apache server on top of WS. Or I can install Red Hat Enterprise Linux 7.x - only I know so much less about Linux . . . .

Anyhow, if you can recommend a book from Amazon or another resource to assist me in getting going, I'd appreciate it.

Thank you for your time,

David JR

David M. Adams JR
4475 Barden Avenue
Mobile, Alabama 36619
dadamsjr () live com
(678) 641-0572 (cell)

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users
To unsubscribe, send an email to: snort-users-leave () lists snort org
Please visit http://blog.snort.org to stay current on all the latest Snort news!
Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

--
João Delgado
Mobile: +351 927 578 183
Current thread:
- New user to Snort . . . David Adams JR via Snort-users (Oct 16)
- Re: New user to Snort . . . Joel Esler (jesler) via Snort-users (Oct 16)
- Re: New user to Snort . . . Russ via Snort-users (Oct 16)
- Re: New user to Snort . . . Giles Coochey via Snort-users (Oct 16)
- Re: New user to Snort . . . Russ via Snort-users (Oct 16)
- Re: New user to Snort . . . João Delgado via Snort-users (Oct 16)
- Re: New user to Snort . . . Noah Dietrich (Oct 16)
- Re: New user to Snort . . . Joel Esler (jesler) via Snort-users (Oct 16)