Why spend thousands of dollars on a commercial IDS when there s Snort? Now Snort.org webmaster Brian Caswell shows how to make the most of it — including the latest 2.1 upgrades.
Caswell covers the entire Snort planning, deployment, and management lifecycle. Integrating Snort into your security architecture. Using it as a packet sniffer and packet logger for network traffic debugging. Using and updating rules. Using Barnyard to manage Snort s output. Analyzing intrusions. Evaluating (and possibly implementing) active response.
A nice touch:notes from the undergroundthat reveal how crackers attack IDS systems, and what you can do about it. Snort 2.1.2 s on CD-ROM, plus several complementary tools. You could download those. But you re unlikely to find Caswell s depth of knowledge anywhere else. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer.His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.