Verfügbarkeit: Snort : :: THWS Bibkatalog

Snort :: IDS and IPS toolkit /

This all new book covering the brand new Snort version 2.6 from members of the Snort developers team. This fully integrated book, CD, and Web toolkit covers everything from packet inspection to optimizing Snort for speed to using the most advanced features of Snort to defend even the largest and mos...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Beale, Jay
Weitere Verfasser:	Baker, Andrew R., Esler, Joel
Format:	Elektronisch E-Book
Sprache:	English
Veröffentlicht:	Burlington, MA : Syngress, ©2007.
Schriftenreihe:	Jay Beale's open source security series.
Schlagworte:	Snort (Computer file) Computer networks > Security measures. Computers > Access control. Computer security. Computer Security Réseaux d'ordinateurs > Sécurité > Mesures. Ordinateurs > Accès > Contrôle. Sécurité informatique. COMPUTERS > Internet > Security. COMPUTERS > Networking > Security. COMPUTERS > Security > General. Computer networks > Security measures Computer security Computers > Access control
Online-Zugang:	Volltext Volltext
Zusammenfassung:	This all new book covering the brand new Snort version 2.6 from members of the Snort developers team. This fully integrated book, CD, and Web toolkit covers everything from packet inspection to optimizing Snort for speed to using the most advanced features of Snort to defend even the largest and most congested enterprise networks. Leading Snort experts Brian Caswell, Andrew Baker, and Jay Beale analyze traffic from real attacks to demonstrate the best practices for implementing the most powerful Snort features. The accompanying CD contains examples from real attacks allowing readers test their new skills. The book will begin with a discussion of packet inspection and the progression from intrusion detection to intrusion prevention. The authors provide examples of packet inspection methods including: protocol standards compliance, protocol anomaly detection, application control, and signature matching. In addition, application-level vulnerabilities including Binary Code in HTTP headers, HTTP/HTTPS Tunneling, URL Directory Traversal, Cross-Site Scripting, and SQL Injection will also be analyzed. Next, a brief chapter on installing and configuring Snort will highlight various methods for fine tuning your installation to optimize Snort performance including hardware/OS selection, finding and eliminating bottlenecks, and benchmarking and testing your deployment. A special chapter also details how to use Barnyard to improve the overall performance of Snort. Next, best practices will be presented allowing readers to enhance the performance of Snort for even the largest and most complex networks. The next chapter reveals the inner workings of Snort by analyzing the source code. The next several chapters will detail how to write, modify, and fine-tune basic to advanced rules and pre-processors. Detailed analysis of real packet captures will be provided both in the book and the accompanying CD. Several examples for optimizing output plugins will then be discussed. Includes a comparison of MySQL and PostrgreSQL. Best practices for monitoring Snort sensors and analyzing intrusion data follow with examples of real world attacks using: ACID, BASE, SGUIL, SnortSnarf, Snort_stat.pl, Swatch, and more. The last part of the book contains several chapters on active response, intrusion prevention, and using Snorts most advanced capabilities for everything from forensics and incident handling to building and analyzing honey pots. Data from real world attacks will be presented throughout this part as well as on the accompanying CD. * This fully integrated book, CD, and Web toolkit covers everything all in one convenient package * It is authored by members of the Snort team and it is packed full of their experience and expertise * Includes full coverage of the brand new Snort version 2.6, packed full of all the latest information.
Beschreibung:	1 online resource (xxxiv, 730 pages :)
ISBN:	9780080549279 0080549276 1281112593 9781281112590 9786611112592 6611112596

Internformat

MARC


LEADER	00000cam a2200000Ma 4500
001	ZDB-4-EBA-ocn647692005
003	OCoLC
005	20240705115654.0
006	m o d
007	cr cn\|\|\|\|\|\|\|\|\|
008	070810s2007 maua o 001 0 eng d
010			\|a 2007279026
040			\|a E7B \|b eng \|e pn \|c E7B \|d OCLCQ \|d N$T \|d YDXCP \|d IDEBK \|d ZCU \|d WAU \|d UMI \|d CEF \|d OCLCQ \|d NHM \|d OCLCQ \|d DEBSZ \|d OCLCQ \|d OCLCO \|d OCLCQ \|d OPELS \|d BTCTA \|d OCLCF \|d DKDLA \|d OCLCQ \|d COO \|d OCLCQ \|d AGLDB \|d OCLCQ \|d JBG \|d OCLCQ \|d OCLCO \|d OCLCA \|d OCL \|d D6H \|d UAB \|d OCLCQ \|d VTS \|d NLE \|d UKMGB \|d WYU \|d LEAUB \|d OL$ \|d VT2 \|d UHL \|d OCLCQ \|d OCLCO \|d K6U \|d VLY \|d INARC \|d OCLCO \|d OCLCQ \|d OCLCO \|d OCLCL \|d SXB \|d OCLCQ \|d OCLCO
015			\|a GBB6H5315 \|2 bnb
015			\|a GBB6I9889 \|2 bnb
016	7		\|a 017585057 \|2 Uk
016	7		\|a 018003269 \|2 Uk
019			\|a 144519748 \|a 162597519 \|a 190823281 \|a 354466122 \|a 488431193 \|a 507548381 \|a 1044264215 \|a 1056381356 \|a 1074335958 \|a 1103264563 \|a 1113761471 \|a 1129349887 \|a 1151272520 \|a 1162006254 \|a 1192345916 \|a 1203852200 \|a 1240513024
020			\|a 9780080549279 \|q (electronic bk.)
020			\|a 0080549276 \|q (electronic bk.)
020			\|z 1597490997
020			\|z 9781597490993
020			\|a 1281112593
020			\|a 9781281112590
020			\|a 9786611112592
020			\|a 6611112596
035			\|a (OCoLC)647692005 \|z (OCoLC)144519748 \|z (OCoLC)162597519 \|z (OCoLC)190823281 \|z (OCoLC)354466122 \|z (OCoLC)488431193 \|z (OCoLC)507548381 \|z (OCoLC)1044264215 \|z (OCoLC)1056381356 \|z (OCoLC)1074335958 \|z (OCoLC)1103264563 \|z (OCoLC)1113761471 \|z (OCoLC)1129349887 \|z (OCoLC)1151272520 \|z (OCoLC)1162006254 \|z (OCoLC)1192345916 \|z (OCoLC)1203852200 \|z (OCoLC)1240513024
037			\|a CL0500000039 \|b Safari Books Online
050		4	\|a TK5105.59 \|b .B42 2007eb
072		7	\|a COM \|x 060040 \|2 bisacsh
072		7	\|a COM \|x 043050 \|2 bisacsh
072		7	\|a COM \|x 053000 \|2 bisacsh
082	7		\|a 005.8 \|2 22
049			\|a MAIN
100	1		\|a Beale, Jay.
245	1	0	\|a Snort : \|b IDS and IPS toolkit / \|c featuring Jay Beale and members of the Snort team, Andrew R. Baker, Joel Esler ; foreword by Stephen Northcutt ; Toby Kohlenberg, technical editor.
260			\|a Burlington, MA : \|b Syngress, \|c ©2007.
300			\|a 1 online resource (xxxiv, 730 pages :)
336			\|a text \|b txt \|2 rdacontent
337			\|a computer \|b c \|2 rdamedia
338			\|a online resource \|b cr \|2 rdacarrier
490	1		\|a Jay Beale's open source security series
505	0		\|a Ch. 1. Intrusion detection systems -- Ch. 2. Introducing snort 2.6 -- Ch. 3. Installing snort 2.6 -- Ch. 4. Configuring snort and add-ons -- Ch. 5. Inner workings -- Ch. 6. Preprocessors -- Ch. 7. Playing by the rules -- Ch. 8. Snort output plug-ins -- Ch. 9. Exploring IDS event analysis, snort style -- Ch. 10. Optimizing snort -- Ch. 11. Active response -- Ch. 12. Advanced snort -- Ch. 13. Mucking around with Barnyard.
588	0		\|a Print version record.
520	8		\|a This all new book covering the brand new Snort version 2.6 from members of the Snort developers team. This fully integrated book, CD, and Web toolkit covers everything from packet inspection to optimizing Snort for speed to using the most advanced features of Snort to defend even the largest and most congested enterprise networks. Leading Snort experts Brian Caswell, Andrew Baker, and Jay Beale analyze traffic from real attacks to demonstrate the best practices for implementing the most powerful Snort features. The accompanying CD contains examples from real attacks allowing readers test their new skills. The book will begin with a discussion of packet inspection and the progression from intrusion detection to intrusion prevention. The authors provide examples of packet inspection methods including: protocol standards compliance, protocol anomaly detection, application control, and signature matching. In addition, application-level vulnerabilities including Binary Code in HTTP headers, HTTP/HTTPS Tunneling, URL Directory Traversal, Cross-Site Scripting, and SQL Injection will also be analyzed. Next, a brief chapter on installing and configuring Snort will highlight various methods for fine tuning your installation to optimize Snort performance including hardware/OS selection, finding and eliminating bottlenecks, and benchmarking and testing your deployment. A special chapter also details how to use Barnyard to improve the overall performance of Snort. Next, best practices will be presented allowing readers to enhance the performance of Snort for even the largest and most complex networks. The next chapter reveals the inner workings of Snort by analyzing the source code. The next several chapters will detail how to write, modify, and fine-tune basic to advanced rules and pre-processors. Detailed analysis of real packet captures will be provided both in the book and the accompanying CD. Several examples for optimizing output plugins will then be discussed.
520	8		\|a Includes a comparison of MySQL and PostrgreSQL. Best practices for monitoring Snort sensors and analyzing intrusion data follow with examples of real world attacks using: ACID, BASE, SGUIL, SnortSnarf, Snort_stat.pl, Swatch, and more. The last part of the book contains several chapters on active response, intrusion prevention, and using Snorts most advanced capabilities for everything from forensics and incident handling to building and analyzing honey pots. Data from real world attacks will be presented throughout this part as well as on the accompanying CD. * This fully integrated book, CD, and Web toolkit covers everything all in one convenient package * It is authored by members of the Snort team and it is packed full of their experience and expertise * Includes full coverage of the brand new Snort version 2.6, packed full of all the latest information.
546			\|a English.
630	0	0	\|a Snort (Computer file)
630	0	7	\|a Snort (Computer file) \|2 blmlsh
650		0	\|a Computer networks \|x Security measures. \|0 http://id.loc.gov/authorities/subjects/sh94001277
650		0	\|a Computers \|x Access control. \|0 http://id.loc.gov/authorities/subjects/sh85029553
650		0	\|a Computer security. \|0 http://id.loc.gov/authorities/subjects/sh90001862
650		2	\|a Computer Security \|0 https://id.nlm.nih.gov/mesh/D016494
650		6	\|a Réseaux d'ordinateurs \|x Sécurité \|x Mesures.
650		6	\|a Ordinateurs \|x Accès \|x Contrôle.
650		6	\|a Sécurité informatique.
650		7	\|a COMPUTERS \|x Internet \|x Security. \|2 bisacsh
650		7	\|a COMPUTERS \|x Networking \|x Security. \|2 bisacsh
650		7	\|a COMPUTERS \|x Security \|x General. \|2 bisacsh
650		7	\|a Computer networks \|x Security measures \|2 fast
650		7	\|a Computer security \|2 fast
650		7	\|a Computers \|x Access control \|2 fast
700	1		\|a Baker, Andrew R. \|1 https://id.oclc.org/worldcat/entity/E39PCjqPkjmJ9CTGxRrRMTg4tq \|0 http://id.loc.gov/authorities/names/no2005054692
700	1		\|a Esler, Joel.
758			\|i has work: \|a Snort (Text) \|1 https://id.oclc.org/worldcat/entity/E39PCGMFfJjkPWdPjT4GFDYGjK \|4 https://id.oclc.org/worldcat/ontology/hasWork
776	0	8	\|i Print version: \|a Beale, Jay. \|t Snort. \|d Burlington, MA : Syngress, ©2007 \|w (DLC) 2007279026
830		0	\|a Jay Beale's open source security series. \|0 http://id.loc.gov/authorities/names/no2004036853
856	1		\|l FWS01 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=214744 \|3 Volltext
856	1		\|l CBO01 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=214744 \|3 Volltext
856	1		\|l FWS01 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://www.sciencedirect.com/science/book/9781597490993 \|3 Volltext
856	1		\|l CBO01 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://www.sciencedirect.com/science/book/9781597490993 \|3 Volltext
938			\|a Baker and Taylor \|b BTCP \|n BK0006795631
938			\|a ebrary \|b EBRY \|n ebr10204325
938			\|a EBSCOhost \|b EBSC \|n 214744
938			\|a YBP Library Services \|b YANK \|n 2758395
938			\|a Internet Archive \|b INAR \|n snortidsipstoolk0000beal
994			\|a 92 \|b GEBAY
912			\|a ZDB-4-EBA

Datensatz im Suchindex

DE-BY-FWS_katkey	ZDB-4-EBA-ocn647692005
_version_	1813903371975786496
adam_text
any_adam_object
author	Beale, Jay
author2	Baker, Andrew R. Esler, Joel
author2_role
author2_variant	a r b ar arb j e je
author_GND	http://id.loc.gov/authorities/names/no2005054692
author_facet	Beale, Jay Baker, Andrew R. Esler, Joel
author_role
author_sort	Beale, Jay
author_variant	j b jb
building	Verbundindex
bvnumber	localFWS
callnumber-first	T - Technology
callnumber-label	TK5105
callnumber-raw	TK5105.59 .B42 2007eb
callnumber-search	TK5105.59 .B42 2007eb
callnumber-sort	TK 45105.59 B42 42007EB
callnumber-subject	TK - Electrical and Nuclear Engineering
collection	ZDB-4-EBA
contents	Ch. 1. Intrusion detection systems -- Ch. 2. Introducing snort 2.6 -- Ch. 3. Installing snort 2.6 -- Ch. 4. Configuring snort and add-ons -- Ch. 5. Inner workings -- Ch. 6. Preprocessors -- Ch. 7. Playing by the rules -- Ch. 8. Snort output plug-ins -- Ch. 9. Exploring IDS event analysis, snort style -- Ch. 10. Optimizing snort -- Ch. 11. Active response -- Ch. 12. Advanced snort -- Ch. 13. Mucking around with Barnyard.
ctrlnum	(OCoLC)647692005
dewey-full	005.8
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.8
dewey-search	005.8
dewey-sort	15.8
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
format	Electronic eBook
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>07600cam a2200865Ma 4500</leader><controlfield tag="001">ZDB-4-EBA-ocn647692005</controlfield><controlfield tag="003">OCoLC</controlfield><controlfield tag="005">20240705115654.0</controlfield><controlfield tag="006">m o d </controlfield><controlfield tag="007">cr cn\|\|\|\|\|\|\|\|\|</controlfield><controlfield tag="008">070810s2007 maua o 001 0 eng d</controlfield><datafield tag="010" ind1=" " ind2=" "><subfield code="a"> 2007279026</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">E7B</subfield><subfield code="b">eng</subfield><subfield code="e">pn</subfield><subfield code="c">E7B</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">N$T</subfield><subfield code="d">YDXCP</subfield><subfield code="d">IDEBK</subfield><subfield code="d">ZCU</subfield><subfield code="d">WAU</subfield><subfield code="d">UMI</subfield><subfield code="d">CEF</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">NHM</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">DEBSZ</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OPELS</subfield><subfield code="d">BTCTA</subfield><subfield code="d">OCLCF</subfield><subfield code="d">DKDLA</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">COO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">AGLDB</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">JBG</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCA</subfield><subfield code="d">OCL</subfield><subfield code="d">D6H</subfield><subfield code="d">UAB</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">VTS</subfield><subfield code="d">NLE</subfield><subfield code="d">UKMGB</subfield><subfield code="d">WYU</subfield><subfield code="d">LEAUB</subfield><subfield code="d">OL$</subfield><subfield code="d">VT2</subfield><subfield code="d">UHL</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">K6U</subfield><subfield code="d">VLY</subfield><subfield code="d">INARC</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCL</subfield><subfield code="d">SXB</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield></datafield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">GBB6H5315</subfield><subfield code="2">bnb</subfield></datafield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">GBB6I9889</subfield><subfield code="2">bnb</subfield></datafield><datafield tag="016" ind1="7" ind2=" "><subfield code="a">017585057</subfield><subfield code="2">Uk</subfield></datafield><datafield tag="016" ind1="7" ind2=" "><subfield code="a">018003269</subfield><subfield code="2">Uk</subfield></datafield><datafield tag="019" ind1=" " ind2=" "><subfield code="a">144519748</subfield><subfield code="a">162597519</subfield><subfield code="a">190823281</subfield><subfield code="a">354466122</subfield><subfield code="a">488431193</subfield><subfield code="a">507548381</subfield><subfield code="a">1044264215</subfield><subfield code="a">1056381356</subfield><subfield code="a">1074335958</subfield><subfield code="a">1103264563</subfield><subfield code="a">1113761471</subfield><subfield code="a">1129349887</subfield><subfield code="a">1151272520</subfield><subfield code="a">1162006254</subfield><subfield code="a">1192345916</subfield><subfield code="a">1203852200</subfield><subfield code="a">1240513024</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780080549279</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0080549276</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">1597490997</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9781597490993</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1281112593</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781281112590</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9786611112592</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">6611112596</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)647692005</subfield><subfield code="z">(OCoLC)144519748</subfield><subfield code="z">(OCoLC)162597519</subfield><subfield code="z">(OCoLC)190823281</subfield><subfield code="z">(OCoLC)354466122</subfield><subfield code="z">(OCoLC)488431193</subfield><subfield code="z">(OCoLC)507548381</subfield><subfield code="z">(OCoLC)1044264215</subfield><subfield code="z">(OCoLC)1056381356</subfield><subfield code="z">(OCoLC)1074335958</subfield><subfield code="z">(OCoLC)1103264563</subfield><subfield code="z">(OCoLC)1113761471</subfield><subfield code="z">(OCoLC)1129349887</subfield><subfield code="z">(OCoLC)1151272520</subfield><subfield code="z">(OCoLC)1162006254</subfield><subfield code="z">(OCoLC)1192345916</subfield><subfield code="z">(OCoLC)1203852200</subfield><subfield code="z">(OCoLC)1240513024</subfield></datafield><datafield tag="037" ind1=" " ind2=" "><subfield code="a">CL0500000039</subfield><subfield code="b">Safari Books Online</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">TK5105.59</subfield><subfield code="b">.B42 2007eb</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">060040</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">043050</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">053000</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="082" ind1="7" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">22</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">MAIN</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Beale, Jay.</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Snort :</subfield><subfield code="b">IDS and IPS toolkit /</subfield><subfield code="c">featuring Jay Beale and members of the Snort team, Andrew R. Baker, Joel Esler ; foreword by Stephen Northcutt ; Toby Kohlenberg, technical editor.</subfield></datafield><datafield tag="260" ind1=" " ind2=" "><subfield code="a">Burlington, MA :</subfield><subfield code="b">Syngress,</subfield><subfield code="c">©2007.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (xxxiv, 730 pages :)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="1" ind2=" "><subfield code="a">Jay Beale's open source security series</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Ch. 1. Intrusion detection systems -- Ch. 2. Introducing snort 2.6 -- Ch. 3. Installing snort 2.6 -- Ch. 4. Configuring snort and add-ons -- Ch. 5. Inner workings -- Ch. 6. Preprocessors -- Ch. 7. Playing by the rules -- Ch. 8. Snort output plug-ins -- Ch. 9. Exploring IDS event analysis, snort style -- Ch. 10. Optimizing snort -- Ch. 11. Active response -- Ch. 12. Advanced snort -- Ch. 13. Mucking around with Barnyard.</subfield></datafield><datafield tag="588" ind1="0" ind2=" "><subfield code="a">Print version record.</subfield></datafield><datafield tag="520" ind1="8" ind2=" "><subfield code="a">This all new book covering the brand new Snort version 2.6 from members of the Snort developers team. This fully integrated book, CD, and Web toolkit covers everything from packet inspection to optimizing Snort for speed to using the most advanced features of Snort to defend even the largest and most congested enterprise networks. Leading Snort experts Brian Caswell, Andrew Baker, and Jay Beale analyze traffic from real attacks to demonstrate the best practices for implementing the most powerful Snort features. The accompanying CD contains examples from real attacks allowing readers test their new skills. The book will begin with a discussion of packet inspection and the progression from intrusion detection to intrusion prevention. The authors provide examples of packet inspection methods including: protocol standards compliance, protocol anomaly detection, application control, and signature matching. In addition, application-level vulnerabilities including Binary Code in HTTP headers, HTTP/HTTPS Tunneling, URL Directory Traversal, Cross-Site Scripting, and SQL Injection will also be analyzed. Next, a brief chapter on installing and configuring Snort will highlight various methods for fine tuning your installation to optimize Snort performance including hardware/OS selection, finding and eliminating bottlenecks, and benchmarking and testing your deployment. A special chapter also details how to use Barnyard to improve the overall performance of Snort. Next, best practices will be presented allowing readers to enhance the performance of Snort for even the largest and most complex networks. The next chapter reveals the inner workings of Snort by analyzing the source code. The next several chapters will detail how to write, modify, and fine-tune basic to advanced rules and pre-processors. Detailed analysis of real packet captures will be provided both in the book and the accompanying CD. Several examples for optimizing output plugins will then be discussed.</subfield></datafield><datafield tag="520" ind1="8" ind2=" "><subfield code="a">Includes a comparison of MySQL and PostrgreSQL. Best practices for monitoring Snort sensors and analyzing intrusion data follow with examples of real world attacks using: ACID, BASE, SGUIL, SnortSnarf, Snort_stat.pl, Swatch, and more. The last part of the book contains several chapters on active response, intrusion prevention, and using Snorts most advanced capabilities for everything from forensics and incident handling to building and analyzing honey pots. Data from real world attacks will be presented throughout this part as well as on the accompanying CD. * This fully integrated book, CD, and Web toolkit covers everything all in one convenient package * It is authored by members of the Snort team and it is packed full of their experience and expertise * Includes full coverage of the brand new Snort version 2.6, packed full of all the latest information.</subfield></datafield><datafield tag="546" ind1=" " ind2=" "><subfield code="a">English.</subfield></datafield><datafield tag="630" ind1="0" ind2="0"><subfield code="a">Snort (Computer file)</subfield></datafield><datafield tag="630" ind1="0" ind2="7"><subfield code="a">Snort (Computer file)</subfield><subfield code="2">blmlsh</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh94001277</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computers</subfield><subfield code="x">Access control.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh85029553</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer security.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh90001862</subfield></datafield><datafield tag="650" ind1=" " ind2="2"><subfield code="a">Computer Security</subfield><subfield code="0">https://id.nlm.nih.gov/mesh/D016494</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Réseaux d'ordinateurs</subfield><subfield code="x">Sécurité</subfield><subfield code="x">Mesures.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Ordinateurs</subfield><subfield code="x">Accès</subfield><subfield code="x">Contrôle.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Sécurité informatique.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Internet</subfield><subfield code="x">Security.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Networking</subfield><subfield code="x">Security.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Security</subfield><subfield code="x">General.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer security</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computers</subfield><subfield code="x">Access control</subfield><subfield code="2">fast</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Baker, Andrew R.</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCjqPkjmJ9CTGxRrRMTg4tq</subfield><subfield code="0">http://id.loc.gov/authorities/names/no2005054692</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Esler, Joel.</subfield></datafield><datafield tag="758" ind1=" " ind2=" "><subfield code="i">has work:</subfield><subfield code="a">Snort (Text)</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCGMFfJjkPWdPjT4GFDYGjK</subfield><subfield code="4">https://id.oclc.org/worldcat/ontology/hasWork</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Beale, Jay.</subfield><subfield code="t">Snort.</subfield><subfield code="d">Burlington, MA : Syngress, ©2007</subfield><subfield code="w">(DLC) 2007279026</subfield></datafield><datafield tag="830" ind1=" " ind2="0"><subfield code="a">Jay Beale's open source security series.</subfield><subfield code="0">http://id.loc.gov/authorities/names/no2004036853</subfield></datafield><datafield tag="856" ind1="1" ind2=" "><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=214744</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="1" ind2=" "><subfield code="l">CBO01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=214744</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="1" ind2=" "><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://www.sciencedirect.com/science/book/9781597490993</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="1" ind2=" "><subfield code="l">CBO01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://www.sciencedirect.com/science/book/9781597490993</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Baker and Taylor</subfield><subfield code="b">BTCP</subfield><subfield code="n">BK0006795631</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">ebrary</subfield><subfield code="b">EBRY</subfield><subfield code="n">ebr10204325</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">214744</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">2758395</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Internet Archive</subfield><subfield code="b">INAR</subfield><subfield code="n">snortidsipstoolk0000beal</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield></record></collection>
id	ZDB-4-EBA-ocn647692005
illustrated	Illustrated
indexdate	2024-10-25T16:17:38Z
institution	BVB
isbn	9780080549279 0080549276 1281112593 9781281112590 9786611112592 6611112596
language	English
lccn	2007279026
oclc_num	647692005
open_access_boolean
owner	MAIN
owner_facet	MAIN
physical	1 online resource (xxxiv, 730 pages :)
psigel	ZDB-4-EBA
publishDate	2007
publishDateSearch	2007
publishDateSort	2007
publisher	Syngress,
record_format	marc
series	Jay Beale's open source security series.
series2	Jay Beale's open source security series
spelling	Beale, Jay. Snort : IDS and IPS toolkit / featuring Jay Beale and members of the Snort team, Andrew R. Baker, Joel Esler ; foreword by Stephen Northcutt ; Toby Kohlenberg, technical editor. Burlington, MA : Syngress, ©2007. 1 online resource (xxxiv, 730 pages :) text txt rdacontent computer c rdamedia online resource cr rdacarrier Jay Beale's open source security series Ch. 1. Intrusion detection systems -- Ch. 2. Introducing snort 2.6 -- Ch. 3. Installing snort 2.6 -- Ch. 4. Configuring snort and add-ons -- Ch. 5. Inner workings -- Ch. 6. Preprocessors -- Ch. 7. Playing by the rules -- Ch. 8. Snort output plug-ins -- Ch. 9. Exploring IDS event analysis, snort style -- Ch. 10. Optimizing snort -- Ch. 11. Active response -- Ch. 12. Advanced snort -- Ch. 13. Mucking around with Barnyard. Print version record. This all new book covering the brand new Snort version 2.6 from members of the Snort developers team. This fully integrated book, CD, and Web toolkit covers everything from packet inspection to optimizing Snort for speed to using the most advanced features of Snort to defend even the largest and most congested enterprise networks. Leading Snort experts Brian Caswell, Andrew Baker, and Jay Beale analyze traffic from real attacks to demonstrate the best practices for implementing the most powerful Snort features. The accompanying CD contains examples from real attacks allowing readers test their new skills. The book will begin with a discussion of packet inspection and the progression from intrusion detection to intrusion prevention. The authors provide examples of packet inspection methods including: protocol standards compliance, protocol anomaly detection, application control, and signature matching. In addition, application-level vulnerabilities including Binary Code in HTTP headers, HTTP/HTTPS Tunneling, URL Directory Traversal, Cross-Site Scripting, and SQL Injection will also be analyzed. Next, a brief chapter on installing and configuring Snort will highlight various methods for fine tuning your installation to optimize Snort performance including hardware/OS selection, finding and eliminating bottlenecks, and benchmarking and testing your deployment. A special chapter also details how to use Barnyard to improve the overall performance of Snort. Next, best practices will be presented allowing readers to enhance the performance of Snort for even the largest and most complex networks. The next chapter reveals the inner workings of Snort by analyzing the source code. The next several chapters will detail how to write, modify, and fine-tune basic to advanced rules and pre-processors. Detailed analysis of real packet captures will be provided both in the book and the accompanying CD. Several examples for optimizing output plugins will then be discussed. Includes a comparison of MySQL and PostrgreSQL. Best practices for monitoring Snort sensors and analyzing intrusion data follow with examples of real world attacks using: ACID, BASE, SGUIL, SnortSnarf, Snort_stat.pl, Swatch, and more. The last part of the book contains several chapters on active response, intrusion prevention, and using Snorts most advanced capabilities for everything from forensics and incident handling to building and analyzing honey pots. Data from real world attacks will be presented throughout this part as well as on the accompanying CD. * This fully integrated book, CD, and Web toolkit covers everything all in one convenient package * It is authored by members of the Snort team and it is packed full of their experience and expertise * Includes full coverage of the brand new Snort version 2.6, packed full of all the latest information. English. Snort (Computer file) Snort (Computer file) blmlsh Computer networks Security measures. http://id.loc.gov/authorities/subjects/sh94001277 Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computer Security https://id.nlm.nih.gov/mesh/D016494 Réseaux d'ordinateurs Sécurité Mesures. Ordinateurs Accès Contrôle. Sécurité informatique. COMPUTERS Internet Security. bisacsh COMPUTERS Networking Security. bisacsh COMPUTERS Security General. bisacsh Computer networks Security measures fast Computer security fast Computers Access control fast Baker, Andrew R. https://id.oclc.org/worldcat/entity/E39PCjqPkjmJ9CTGxRrRMTg4tq http://id.loc.gov/authorities/names/no2005054692 Esler, Joel. has work: Snort (Text) https://id.oclc.org/worldcat/entity/E39PCGMFfJjkPWdPjT4GFDYGjK https://id.oclc.org/worldcat/ontology/hasWork Print version: Beale, Jay. Snort. Burlington, MA : Syngress, ©2007 (DLC) 2007279026 Jay Beale's open source security series. http://id.loc.gov/authorities/names/no2004036853 FWS01 ZDB-4-EBA FWS_PDA_EBA https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=214744 Volltext CBO01 ZDB-4-EBA FWS_PDA_EBA https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=214744 Volltext FWS01 ZDB-4-EBA FWS_PDA_EBA https://www.sciencedirect.com/science/book/9781597490993 Volltext CBO01 ZDB-4-EBA FWS_PDA_EBA https://www.sciencedirect.com/science/book/9781597490993 Volltext
spellingShingle	Beale, Jay Snort : IDS and IPS toolkit / Jay Beale's open source security series. Ch. 1. Intrusion detection systems -- Ch. 2. Introducing snort 2.6 -- Ch. 3. Installing snort 2.6 -- Ch. 4. Configuring snort and add-ons -- Ch. 5. Inner workings -- Ch. 6. Preprocessors -- Ch. 7. Playing by the rules -- Ch. 8. Snort output plug-ins -- Ch. 9. Exploring IDS event analysis, snort style -- Ch. 10. Optimizing snort -- Ch. 11. Active response -- Ch. 12. Advanced snort -- Ch. 13. Mucking around with Barnyard. Snort (Computer file) Snort (Computer file) blmlsh Computer networks Security measures. http://id.loc.gov/authorities/subjects/sh94001277 Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computer Security https://id.nlm.nih.gov/mesh/D016494 Réseaux d'ordinateurs Sécurité Mesures. Ordinateurs Accès Contrôle. Sécurité informatique. COMPUTERS Internet Security. bisacsh COMPUTERS Networking Security. bisacsh COMPUTERS Security General. bisacsh Computer networks Security measures fast Computer security fast Computers Access control fast
subject_GND	http://id.loc.gov/authorities/subjects/sh94001277 http://id.loc.gov/authorities/subjects/sh85029553 http://id.loc.gov/authorities/subjects/sh90001862 https://id.nlm.nih.gov/mesh/D016494
title	Snort : IDS and IPS toolkit /
title_auth	Snort : IDS and IPS toolkit /
title_exact_search	Snort : IDS and IPS toolkit /
title_full	Snort : IDS and IPS toolkit / featuring Jay Beale and members of the Snort team, Andrew R. Baker, Joel Esler ; foreword by Stephen Northcutt ; Toby Kohlenberg, technical editor.
title_fullStr	Snort : IDS and IPS toolkit / featuring Jay Beale and members of the Snort team, Andrew R. Baker, Joel Esler ; foreword by Stephen Northcutt ; Toby Kohlenberg, technical editor.
title_full_unstemmed	Snort : IDS and IPS toolkit / featuring Jay Beale and members of the Snort team, Andrew R. Baker, Joel Esler ; foreword by Stephen Northcutt ; Toby Kohlenberg, technical editor.
title_short	Snort :
title_sort	snort ids and ips toolkit
title_sub	IDS and IPS toolkit /
topic	Snort (Computer file) Snort (Computer file) blmlsh Computer networks Security measures. http://id.loc.gov/authorities/subjects/sh94001277 Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computer Security https://id.nlm.nih.gov/mesh/D016494 Réseaux d'ordinateurs Sécurité Mesures. Ordinateurs Accès Contrôle. Sécurité informatique. COMPUTERS Internet Security. bisacsh COMPUTERS Networking Security. bisacsh COMPUTERS Security General. bisacsh Computer networks Security measures fast Computer security fast Computers Access control fast
topic_facet	Snort (Computer file) Computer networks Security measures. Computers Access control. Computer security. Computer Security Réseaux d'ordinateurs Sécurité Mesures. Ordinateurs Accès Contrôle. Sécurité informatique. COMPUTERS Internet Security. COMPUTERS Networking Security. COMPUTERS Security General. Computer networks Security measures Computer security Computers Access control
url	https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=214744 https://www.sciencedirect.com/science/book/9781597490993
work_keys_str_mv	AT bealejay snortidsandipstoolkit AT bakerandrewr snortidsandipstoolkit AT eslerjoel snortidsandipstoolkit

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Volltext öffnen

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge