Snort mailing list archives
Re: Books, URLS, Info On Reading & Understanding Snort Alerts
From: "sunzi" <sunzi () mod-x co uk>
Date: Tue, 22 Jul 2003 06:31:51 -0400
Intrusion Signatures and Analysis by Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick http://www.amazon.com/exec/obidos/tg/detail/-/0735710635/ And when they say that it's 'better together' with Network Intrusion Detection, there right :) sunzi ----- Original Message ----- From: "Steve Nutt" <luckysnutt () cox net> To: "Snort-Users () Lists Sourceforge Net" <snort-users () lists sourceforge net> Sent: Monday, July 21, 2003 11:31 PM Subject: [Snort-users] Books, URLS, Info On Reading & Understanding Snort Alerts
Need Information, I am trying to better understand how one would research and determine what is actually happening with the network alerts. I have snort and
snortsnarf.
I get activity but I don't have a clue about how to go about validating
the
actual alert. Does someone have a good site, book, magazine, class, user group etc. that will point me in the direction to acquire the knowledge to understand my alerts. I get an alert and GFI but spend hours reading about someone else's
attempts
to understand the same thing. In serach of, Steve ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Books, URLS, Info On Reading & Understanding Snort Alerts Steve Nutt (Jul 21)
- Re: Books, URLS, Info On Reading & Understanding Snort Alerts sunzi (Jul 22)
- Re: Books, URLS, Info On Reading & Understanding Snort Alerts Erek Adams (Jul 22)