Snort mailing list archives
RE: [Snort-Users] new to snort and intrusion detection
From: "Cloppert, Michael" <Michael.Cloppert () 53 com>
Date: Fri, 9 May 2003 10:49:39 -0400
-----Original Message----- From: Michael Boman [mailto:michael.boman () securecirt com] Sent: Friday, May 09, 2003 12:53 AM To: Jonathan Jesse Cc: snort-users () lists sourceforge net Subject: Re: [Snort-Users] new to snort and intrusion detection On Fri, 2003-05-09 at 01:47, Jonathan Jesse wrote:What I?m looking for is some help on how to learn how touse snort toits fullest, any sources/documentation to the best use out of it?Using snort and doing intrusion detection is two different beasts that works hand-in-hand. Below I list some good books that can help you along the way: Network Intrusion Detection: An Analyst's Handbook Stephen Northcutt, Donald McLachlan, Judy Novak New Riders Publishing; ISBN: 0735710082 Intrusion Signatures and Analysis Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick New Riders Publishing; ISBN: 0735710635 Incident Response: Investigating Computer Crime Chris Prosise, Kevin Mandia McGraw-Hill Professional Publishing; ISBN: 0072131829
I own both of these, and the Northcutt/Novak book is always the FIRST ONE I recommend to EVERYONE asking about NIDS - it's the difinitive guide, IMHO. I would also like to recommend: Internetworking with TCP/IP, Vol. 1 Douglas E. Comer Prentice Hall, ISBN: 0-13-216987-8 Douglas E Comer was (I believe) one of the fundamental people involved in the development of the TCP/IP - this book is a must-have for anyone who ever has to look at a packet. Mike Cloppert, GCIA ------------------------------------------------------- Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara The only event dedicated to issues related to Linux enterprise solutions www.enterpriselinuxforum.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- [Snort-Users] new to snort and intrusion detection Jonathan Jesse (May 08)
- Re: [Snort-Users] new to snort and intrusion detection Michael Boman (May 08)
- <Possible follow-ups>
- RE: [Snort-Users] new to snort and intrusion detection L. Christopher Luther (May 08)
- RE: [Snort-Users] new to snort and intrusion detection Cloppert, Michael (May 09)