Managing Security with Snort & IDS Tools by Kerry J. Cox, Christopher Gerg This errata page lists errors outstanding in the most recent printing. If you have technical questions or error reports, you can send them to booktech@oreilly.com. Please specify the printing date of your copy. This page was updated March 03, 2006. Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem ?page-number?: reader question or request for clarification Confirmed errors: {10} 3rd paragraph; Secure Shell (SSH) uses port 22 and NOT 23, that is for telnet {11} Last paragraph; The TFTP port is port 69 and NOT 79 {17} Figure 2-4; The third entry in the figure is missing the entry "Acknowledgement number" (33) http://winsnort.com should be http://www.winsnort.com Page 62 is looking for libwhisker. Alternate - http://sourceforge.net/projects/whisker/ Page 72 is a compilation - same Alternate - http://sourceforge.net/projects/whisker/ Chapter 4, p.72 and Appendix C, p.252 http://www.ideahamster.org/projects/operationaltools.htm These are looking for the isecom security tools. Alternate - http://www.isecom.org/projects/toolsandtemplates.shtml (72) Sites of Interest; The line for "Packetstromsecurity" should read "Packetstormsecurity". The "o" and the "r" are transposed. {99} 3rd paragraph; "support for MySQL is included by adding --with-odbc" it should be "support for ODBC is included..." Chapter 8, p.138 http://www.snortsam.net/files/snort-plugin/ We can change this to the general download page - http://www.snortsam.net/download.html (188) last paragraph; "... and select the time periord for the ..." should be "... and select the time period for the ..." (190) 2nd paragraph; "in the futuer" should be "in the future" Chapter 12, p.209 and Appendix C, p.253 http://www.silicondefense.com http://www.silicondefense.com/software/snortsnarf An alternate is the Snort website's download section - http://www.snort.org/dl/contrib/data_analysis/snortsnarf/ Not sure what's going on with silicon defense Chapter 13, p.223 http://squil.sourceforge.net should be: http://sguil.sourceforge.net/ Appendix C, p.252 http://www.wiretrip.net/rfp/lw.asp Same as libwhisker link, above - http://sourceforge.net/projects/whisker/ Appendix C, p.253 http://www.oinkmaster.sourceforge.net The "www" seems to be the problem. Alternate - http://oinkmaster.sourceforge.net/