Buy this Book
Print Book $39.95
Add to Cart
Read it Now!
Print Book £28.50
Add to UK Cart
Reprint Licensing
Envelope Tell a friend
Snort Cookbook

By Angela D. Orebaugh, Simon Biles, Jacob Babbin
First Edition  March 2005 
Pages: 286
Series: Cookbooks
ISBN 10: 0-596-00791-4 | ISBN 13: 9780596007911
starstarstarstarstar (Average of 1 Customer Reviews)

Buy 2 Get 1 Free Free ShippingGuarantee

Book description

Snort, the defacto standard of intrusion detection tools, can save countless headaches; the new Snort Cookbook will save countless hours of trial and error. Each "recipe" offers a clear description of a gnarly problem, a concise but complete solution, and practical examples. But this ultimate SNORT sourcebook offers more than just immediate cut-and-paste answers; it also showcases the best tips and tricks to leverage the full power of SNORT--and still have a life.
Full Description

If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential--but often overwhelming--challenge. Snort, the defacto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP network. It can perform protocol analysis, content searching, and matching. Snort can save countless headaches; the new Snort Cookbook will save countless hours of sifting through dubious online advice or wordy tutorials in order to leverage the full power of SNORT. Each recipe in the popular and practical problem-solution-discussion O'Reilly cookbook format contains a clear and thorough description of the problem, a concise but complete discussion of a solution, and real-world examples that illustrate that solution. The Snort Cookbook covers important issues that sys admins and security pros will us everyday, such as:
  • installation
  • optimization
  • logging
  • alerting
  • rules and signatures
  • detecting viruses
  • countermeasures
  • detecting common attacks
  • administration
  • honeypots
  • log analysis
But the Snort Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. Those who learn best in the trenches--and don't have the hours to spare to pore over tutorials or troll online for best-practice snippets of advice--will find that the solutions offered in this ultimate Snort sourcebook not only solve immediate problems quickly, but also showcase the best tips and tricks they need to master be security gurus--and still have a life.

Browse within this book

Cover | Table of Contents | Colophon

Featured customer reviews

Write a Review


Snort CookBook a second glance,  September 28 2005
Rating: StarStarStarStarStar
Submitted by Brett Hoff   [Respond | View]

Snort Cookbook O'reilly
by: Orebaugh, Biles & Babbin

What can I say designing a reliable detection system is a challenge at best.
This book makes it seem easy! I thought this was the best layout of a tech.book I have ever saw.
Problem > Solution > Discussion. they gave you the information in a precise way with out overloading you
with material you did not need. The Rules section was espcially useful...
The only downside is I wanted to see more on rules with samples.
Overall this was a very useful Book. I already had snort in place this made it much more useful.

Brett Hoff

Read all reviews

Media reviews

"This is the best snort book ever. It’s a task-based book that leads you step by step through installing and optimizing snort, configuring logging and alerts, building rules, managing snort sensors, analyzing logs, and tons more. Bottom line: if you don’t know what snort is, don’t buy this book!"
--Mitch Tulloch, WindowsSecurity.com, July 2005

"As someone who does run snort and has been working on ways to expand some of the data I get to it, it has proven to be a valuable resource which far outweighs the few things I found lacking. It is the only resource of its kind I know to exist. It brings to light some tools which I haven't thought of using the way it suggests, like perfmonitor and clamav. I came away from reading this book with solid ideas and tools which I plan to add into snort. If you are looking for solid documentation on Snort and the tools and tricks you can use with it, this is your book."
--John C. A. Bambanek, Ravings of John C. A. Bambenek and Blogcritics.org, June 2005

"A whole barnyard of solutions have been gathered together in one place for easier management of networks for security gurus... What I liked most about this book is that there is a whole section just for me on installing Snort in Mac OS X (HenWen even has been updated to work with Mac OS X Tiger) and another administering Snort with HenWen.  The meat of the book is really the section on Rules and Signatures, but there are links everywhere for getting deeper into and wallowing around in the Pigsty-like environment we all know as network security. This book shows that virtual pigs can fly (if the pig is named Snort)."
--Robert Pritchett, MacCompanion.com, June 2005

Read all reviews


See larger cover