RE: [Snort-Users] new to snort and intrusion detection

["L. Christopher Luther" <CLuther () Xybernaut com>]

For documentation:  

1)  Check the Snort site's documentation section [0] 

2)  A new book has just been released [1] 

3)  If you search the Snort-users archives, you'll find various posting from
Patrick S. Harper | CISSP MCSE patrick () internetsecurityguru com.  Patrick
has created a number of Snort "install" docs but they may have other useful
information [2].  


HTH, 
- Christopher

[0] http://www.snort.org/docs/  
[1]
http://www.amazon.com/exec/obidos/tg/stores/detail/-/books/1931836744/104-49
88897-1772724
 
http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?isbn=1931836744
    http://www.syngress.com/catalog/sg_main.cfm?pid=2440
[2]
http://marc.theaimsgroup.com/?l=snort-users&w=2&r=1&s=Patrick+S.+Harper&q=b


-----Original Message-----
From: Jonathan Jesse [mailto:jjesse () ftpb com]
Sent: Thursday, May 08, 2003 1:47 PM
To: snort-users () lists sourceforge net
Subject: [Snort-Users] new to snort and intrusion detection


First of all a little introduction.... I started working at my current
location a little over 6 months ago as a full-time computer support person.
The place I work at is under 150 employees and before I can on staff there
was no computer support or network administration.  Every small problem or
upgrade was taken care of by an outside consulting firm; including every day
normal helpdesk requests, password resets, printer jams, etc.
 
So in August of 2001, I was hired as a full time helpdesk/network admin
position.  Now, my boss (who is pretty IT savvy, just not very current on
things) and I are trying to get the company set with a solid foundation and
then move on to their.  Also part of the foundation is in response to the
auditors, got to love them.
 
So to make a long story short, I am somewhat knowledgeable in Linux, having
attained my Linux + certification from CompTIA, and my boss went to a user
group meeting for our core banking system where a guest speaker spoke about
Intrusion Detection and mentioned Snort.  My boss asked if I knew anything
about snort and could show it to him.  Today I followed the guide
"Enterprise Snort" by Steven Scott and have it up and running on a Red Hat
7.3 system with MySql and Acid and everything running.  
 
What I'm looking for is some help on how to learn how to use snort to its
fullest, any sources/documentation to the best use out of it?
 
Sorry about the long email
 
Jonathan Jesse
Network Specialist
Founders Trust Bank
 
This page and any accompanying documents contain confidential information
intended for a specific individual and purpose. If you are not the intended
recipient, you are hereby notified that any disclosure, copying,
distribution, or use of the information contained herein (including any
reliance thereon) is strictly prohibited. If you received this transmission
in error, please immediately contact the sender and destroy the material in
its entirety, whether in electronic or hard copy format. 
 


-------------------------------------------------------
Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
The only event dedicated to issues related to Linux enterprise solutions
www.enterpriselinuxforum.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users