Snort mailing list archives

Re: Any Good Books out there?

From: Marcin Dulak <marcin.dulak () gmail com>
Date: Thu, 1 Dec 2016 23:49:44 +0100

Hi,

in my opinion the snort manual (we are talking about manual.snort.org)
focuses
on the technical details and does not provide a context of why snort does
what it does. I can recommend two books that provide some context:
-
https://www.amazon.com/Applied-Network-Security-Monitoring-Collection/dp/0124172083
- short, less technical, a good place to start
- https://www.amazon.com/Snort-Toolkit-Beales-Source-Security/dp/1597490997
- long, very old, but provides a lot of context and funny statements like
"The actual code that parses the various options within Snort is scattered
throughout the code base" on page 177 of the 2007 edition, or a mention of
snort 3.0 on page 179!

It's pretty outrageous that such a fundamental field as network monitoring
is still considered an art and there are no readily available materials.

Marcin

On Thu, Dec 1, 2016 at 7:23 PM, Justin Pederson <jpedersm () gmail com> wrote:

I'm just getting into snort.  While there is allot of information out
there on snort, allot of it is not strait forward.  If I am looking for a
book to get up to speed on they system.  By chance does anyone know of any
good books to read?

------------------------------------------------------------
------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Any Good Books out there? Justin Pederson (Dec 01)
- Re: Any Good Books out there? Al Lewis (allewi) (Dec 01)
  - Re: Any Good Books out there? Al Lewis (allewi) (Dec 01)
  - Re: Any Good Books out there? Joel Esler (jesler) (Dec 01)
    - Re: Any Good Books out there? Luke Ager (Dec 01)
    - Re: Any Good Books out there? Joel Esler (jesler) (Dec 01)
    - Re: Any Good Books out there? Justin Pederson (Dec 01)
    - Re: Any Good Books out there? Marcin Dulak (Dec 01)
    - Re: Any Good Books out there? wkitty42 (Dec 01)
- Re: Any Good Books out there? Marcin Dulak (Dec 01)
  - Re: Any Good Books out there? Joel Esler (jesler) (Dec 01)
    - Re: Any Good Books out there? Justin Pederson (Dec 01)