|
||||||||||||||||||||
|
||||||||||||||||||||
|
||||||||||||||||||||
|
|
|
Dieses Buch gibt es in einer neuen Auflage:
|
Produktinformation
Möchten Sie die Produktinformationen aktualisieren oder Feedback zu den Produktabbildungen geben?
Ist der Verkauf dieses Produkts für Sie nicht akzeptabel? |
Mehr über die Autoren
Entdecken Sie Bücher, lesen Sie über Autoren und mehr
Produktbeschreibungen
Pressestimmen
"I have been a diehard Snort user and member of the community since day one. Snort is awesome and there are so many incredibly talented people involved with it. I always wished that there was a book that documented everything, and gave lots of very cool information on all of the inner workings. I was psyched when I heard this book was being written, and I orderd it before it came out. I got mine on Friday and spent the weekend reading it. Considering the guys (and gal!) who wrote it, I shouldn't be surprised that the book rocks. Everything you ever wanted to know about Snort is in there. And, you know you are getting it from the Pig's mouth--er, or Snout;)" - reviewer on Amazon.com
Kurzbeschreibung
The incredible low maintenance costs of Snort combined with its powerful security features make it one of the fastest growing IDSs within corporate IT departments.
Snort 2.0 Intrusion Detection is the first book dealing with the Snort IDS and is written by a member of Snort.org. Readers will receive valuable insight to the code base of Snort and in-depth tutorials of complex installation, configuration, and troubleshooting scenarios.
The primary reader will be an individual who has a working knowledge of the TCP/IP protocol, expertise in some arena of IT infrastructure, and is inquisitive about what has been attacking their IT network perimeter every 15 seconds.
In diesem Buch
(Mehr dazu)
Buchdeckel | Copyright | Inhaltsverzeichnis | Auszug | Stichwortverzeichnis
Mehr entdecken
Wortanzeiger
Ausgewählte Seiten ansehenWortanzeiger
Buchdeckel | Copyright | Inhaltsverzeichnis | Auszug | Stichwortverzeichnis
Tags(Was ist das?)Bei einem Tag handelt es sich um ein Schlagwort, das zum Produkt passt.
Tags erleichtern allen Kunden die Suche und die Sortierung ihrer Lieblingsprodukte. |
Eine digitale Version dieses Buchs im Kindle-Shop verkaufen
Wenn Sie ein Verleger oder Autor sind und die digitalen Rechte an einem Buch haben, können Sie die digitale Version des Buchs in unserem Kindle-Shop verkaufen.
Weitere Informationen
Kundenrezensionen
Es gibt noch keine Kundenrezensionen auf Amazon.de
5 Sterne
4 Sterne
3 Sterne
2 Sterne
1 Sterne
Die hilfreichsten Kundenrezensionen auf Amazon.com (beta)
Amazon.com:
19 Rezensionen
39 von 41 Kunden fanden die folgende Rezension hilfreich
The current leader in the Snort IDS book arms race
16. Juli 2003
Format:Taschenbuch
"Snort 2.0" offers content not found in other books on Snort, such as Tim Crothers' more generic "Implementing IDS" (4 stars) and Rafeeq Rehman's "Intrusion Detection with Snort." (3 stars) I've read the best IDS books, and used IDS technology, since 1998, and "Snort 2.0" is the first to give real insight into an IDS' inner workings. Thanks to the technical knowledge of the author team, "Snort 2.0" earns the reader's appreciation by explaining how and why the open source Snort IDS works its magic.
"Snort 2.0" starts well with a short history of Marty Roesch's favorite project, followed by solid explanations of the key elements of Snort's architecture in ch. 2. The actual workings of the Snort code is expanded upon in ch. 4 (modes), 5 (rules), and 6 (packet handling and preprocessors). One could read these sections and get a real sense of how the stream4 preprocessor works, for example. These sections are augmented by helpful tangents on compiling source code (ch. 3) and updates via CVS (ch. 9). This attention to detail and desire to include related information demonstrates a high level of commitment to the reader's education.
"Snort 2.0" has several technical errors or typos which prevented me from giving a 5 star review. p. 110's diagram of a TCP sessions should say "SYN, SYN-ACK, ACK", not "SYN, ACK, SYN-ACK". Later on that page, the author claims "The server replies with a SYN/ACK if the port is open, and a SYN/RST if the port is not listening." The correct closed response is "RST/ACK". p. 203 implies one can scan for open ports with the ACK flag set to evade stateless packet filters. This is wrong, as scanning with the ACK flag set only helps host discovery. I found the reprinting of multiple pages of C code unnecessary. I also wished the sections on building preprocessors had started from scratch, rather than explain an existing preprocessor.
Overall, I found "Snort 2.0" enlightening. The authors have a powerful understanding of the workings of Snort, and apply it in novel ways. "Policy-based IDS" in ch. 12 is one example, while the "rule categorization" chart in ch. 10 is another. Only the Wiley "Deploying Snort 2.0" book, due this fall, has a chance to displace "Snort 2.0" in the Snort-focused IDS book arena.
"Snort 2.0" starts well with a short history of Marty Roesch's favorite project, followed by solid explanations of the key elements of Snort's architecture in ch. 2. The actual workings of the Snort code is expanded upon in ch. 4 (modes), 5 (rules), and 6 (packet handling and preprocessors). One could read these sections and get a real sense of how the stream4 preprocessor works, for example. These sections are augmented by helpful tangents on compiling source code (ch. 3) and updates via CVS (ch. 9). This attention to detail and desire to include related information demonstrates a high level of commitment to the reader's education.
"Snort 2.0" has several technical errors or typos which prevented me from giving a 5 star review. p. 110's diagram of a TCP sessions should say "SYN, SYN-ACK, ACK", not "SYN, ACK, SYN-ACK". Later on that page, the author claims "The server replies with a SYN/ACK if the port is open, and a SYN/RST if the port is not listening." The correct closed response is "RST/ACK". p. 203 implies one can scan for open ports with the ACK flag set to evade stateless packet filters. This is wrong, as scanning with the ACK flag set only helps host discovery. I found the reprinting of multiple pages of C code unnecessary. I also wished the sections on building preprocessors had started from scratch, rather than explain an existing preprocessor.
Overall, I found "Snort 2.0" enlightening. The authors have a powerful understanding of the workings of Snort, and apply it in novel ways. "Policy-based IDS" in ch. 12 is one example, while the "rule categorization" chart in ch. 10 is another. Only the Wiley "Deploying Snort 2.0" book, due this fall, has a chance to displace "Snort 2.0" in the Snort-focused IDS book arena.
16 von 20 Kunden fanden die folgende Rezension hilfreich
Too many mistakes
30. Oktober 2003
Format:Taschenbuch
The technical content is ok, but I am extremely tired of reading books that contain so many grammatical mistakes that one gets irritated every time a page is turned. This publisher is notorious for this and emails I wrote to them were not answered. This is just not acceptable for an expensive book. Don't they have proofreaders?
8 von 9 Kunden fanden die folgende Rezension hilfreich
Definitely worth the money.
14. Mai 2003
Format:Taschenbuch
I've been using Snort for some time. I really like it, but I've always found it a little difficult to keep up with all of the features and everything. If you spend a lot of time on the snort.org site and on the mail lists you can learn a lot from everybody. But I don't always have the time to monitor the list or go through the archives. It is great now having everything I need to know in one book. Brian Caswell is the guy who makes all of the releases and keeps everything on the site maintained and he definitely knows his stuff.
Waren diese Rezensionen hilfreich?
Wir wollen von Ihnen hören.
Kunden diskutieren
|
Das Forum zu diesem Produkt
Fragen stellen, Meinungen austauschen, Einblicke gewinnen Aktive Diskussionen in ähnlichen Foren
Kundendiskussionen durchsuchen
|
Ähnliche Foren
|
||||||||||||||||||||||||||||||||||
Lieblingslisten
Ähnliche Artikel finden
- Fremdsprachige Bücher > Computer & Internet > Netzwerke > Heimnetzwerke
- Fremdsprachige Bücher > Computer & Internet > Netzwerke > Intranet & Extranet
- Fremdsprachige Bücher > Computer & Internet > Netzwerke > Netzwerke, Protokolle & APIs
- Fremdsprachige Bücher > Computer & Internet > Netzwerke > Netzwerksicherheit
- Fremdsprachige Bücher > Computer & Internet > Sicherheit & Verschlüsselung
Anhand des Sachgebietes nach ähnlichen Produkten suchen:
Ihr Kommentar
Möchten Sie die Produktinformationen aktualisieren oder Feedback zu den Produktabbildungen geben?
|
