[ISN] REVIEW: "Snort Cookbook", Angela Orebaugh/Simon Biles/Jacob Babbin

InfoSec News isn at c4i.org
Tue Apr 4 03:03:24 EDT 2006 

Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade at shaw.ca>

BKSNRTCB.RVW   20051208

"Snort Cookbook", Angela Orebaugh/Simon Biles/Jacob Babbin, 2005,
0-596-00791-4, U$39.95/C$55.95
A%   Angela Orebaugh
A%   Simon Biles
A%   Jacob Babbin
%C   103 Morris Street, Suite A, Sebastopol, CA   95472
%D   2005
%G   0-596-00791-4
%I   O'Reilly & Associates, Inc.
%O   U$39.95/C$55.95 800-998-9938 fax: 707-829-0104 nuts at ora.com
%O  http://www.amazon.com/exec/obidos/ASIN/0596007914/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0596007914/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0596007914/robsladesin03-20
%O   Audience i+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P   270 p.
%T   "Snort Cookbook: Solutions and Examples for Snort Administrators"

Chapter one covers the installation of Snort on various systems, and
even includes a wiring diagram for a passive tap, if you need that
sort of application.  (The "cookbook" format, with its
"Problem/Solution" structure, seems a bit odd, in this case.)  An
assortment of issues in logging are dealt with in chapter two.  The
creation and maintenance of rules, in chapter three, is discussed in a
very useful fashion.  Chapter four is about preprocessing, and is
somewhat more demanding of the reader.  Administrative tools, for
managing Snort sensors, rulesets, and data, are described in chapter
five, while utilities for analysis and display of collected
information are presented in six.  A variety of additional uses for
Snort are mentioned in chapter seven.

This book outlines the basic use and operation of Snort in a
convenient and easy-to-use manner.  Aside from the first chapter, the
cookbook format is used effectively, and thus the work becomes a
handy, quick reference for those interested in using and exploring
Snort.

copyright Robert M. Slade, 2005   BKSNRTCB.RVW   20051208


======================  (quote inserted randomly by Pegasus Mailer)
rslade at vcn.bc.ca      slade at victoria.tc.ca      rslade at sun.soci.niu.edu
What you see and hear depends a good deal on where you are
standing; it also depends on what sort of person you are.
                                               - Clive Staples Lewis
http://victoria.tc.ca/techrev/rms.htm

More information about the ISN mailing list