Intrusion Detection Systems with Snort: Advanced IDS with Snort, Apache, MySQL, PHP, and ACID
January 1st, 2008 | posted by adminChapter 1 Introduction to Intrusion Detection and Snort
1.1 What is Intrusion Detection?
1.2 IDS Policy
1.3 Components of Snort
1.4 Dealing with Switches
1.5 TCP Stream Follow Up
1.6 Supported Platforms
1.7 How to Protect IDS Itself
1.8 References
Chapter 2 Installing Snort and Getting Started
2.1 Snort Installation Scenarios
2.2 Installing Snort
2.3 Running Snort on Multiple Network Interfaces
2.4 Snort Command Line Options
2.5 Step-By-Step Procedure to Compile and Install Snort From Source Code
2.6 Location of Snort Files
2.7 Snort Modes
2.8 Snort Alert Modes
2.9 Running Snort in Stealth Mode
2.10 References
Chapter 3 Working with Snort Rules
3.1 TCP/IP Network Layers
3.2 The First Bad Rule
3.3 CIDR
3.4 Structure of a Rule
3.5 Rule Headers
3.6 Rule Options
3.7 The Snort Configuration Fil
3.8 Order of Rules Based upon Action
3.9 Automatically Updating Snort Rules
3.10 Default Snort Rules and Classes
3.11 Sample Default Rules
3.12 Writing Good Rules
3.13 References
Chapter 4 Plugins, Preprocessors and Output Modules
4.1 Preprocessors
4.2 Output Modules
4.3 Using BPF Fileters
4.4 References
Chapter 5 Using Snort with MySQL
5.1 Making Snort Work with MySQL
5.2 Secure Logging to Remote Databases Securely Using Stunnel
5.4 References
Chapter 6 Using ACID and SnortSnarf with Snort
6.1 What is ACID?
6.2 Installation and Configuration
6.3 Using ACID
6.4 SnortSnarf
6.5 Barnyard
6.6 References
Chapter 7 Miscellaneous Tools
7.1 SnortSam
7.2 IDS Policy Manager
7.3 Securing the ACID Web Console
7.4 Easy IDS
7.5 References
To Download this E-Book Click Here.
Recent comments
5 weeks 2 days ago
14 weeks 8 hours ago
18 weeks 5 days ago
19 weeks 5 days ago
19 weeks 6 days ago
19 weeks 6 days ago
30 weeks 5 days ago
30 weeks 6 days ago
31 weeks 1 day ago
31 weeks 5 days ago