Chapter 1 Introduction to Intrusion Detection and Snort
1.1 What is Intrusion Detection?
1.2 IDS Policy
1.3 Components of Snort
1.4 Dealing with Switches
1.5 TCP Stream Follow Up
1.6 Supported Platforms
1.7 How to Protect IDS Itself
1.8 References

Chapter 2 Installing Snort and Getting Started
2.1 Snort Installation Scenarios
2.2 Installing Snort
2.3 Running Snort on Multiple Network Interfaces
2.4 Snort Command Line Options
2.5 Step-By-Step Procedure to Compile and Install Snort
2.6 Location of Snort Files
2.7 Snort Modes
2.8 Snort Alert Modes
2.9 Running Snort in Stealth Mode
2.10 References

Chapter 3 Working with Snort Rules
3.1 TCP/IP Network Layers
3.2 The First Bad Rule
3.3 CIDR
3.4 Structure of a Rule
3.5 Rule Headers
3.6 Rule Options
3.7 The Snort Configuration File
3.8 Order of Rules Based upon Action
3.9 Automatically Updating Snort Rules
3.10 Default Snort Rules and Classes
3.11 Sample Default Rules
3.12 Writing Good Rules
3.13 References

Chapter 4 Plugins, Preprocessors and Output Modules 131
4.1 Preprocessors
4.2 Output Modules
4.3 Using BPF Fileters
4.4 References

Chapter 5 Using Snort with MySQL
5.1 Making Snort Work with MySQL
5.2 Secure Logging to Remote Databases Securely Using Stunnel
5.3 Snort Database Maintenance
5.4 References

Chapter 6 Using ACID and SnortSnarf with Snort
6.1 What is ACID?
6.2 Installation and Configuration
6.3 Using ACID
6.4 SnortSnarf
6.5 Barnyard
6.6 References

Chapter 7 Miscellaneous Tools
7.1 SnortSam
7.2 IDS Policy
7.4 Easy IDS
7.5 References

To Download this E-Book Click Here.