If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential--but often overwhelming--challenge. Snort, the de facto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching, and matching. Snort can save countless headaches; the new Snort Cookbook will save countless hours of sifting through dubious online advice or wordy tutorials in order to leverage the full power of Snort. Each recipe in the popular and practical problem-solution-discussion O'Reilly cookbook format contains a clear and thorough description of the problem, a concise but complete discussion of a solution, and real-world examples that illustrate that solution. The Snort Cookbook covers important issues that sys admins and security pros will use every day, such as:
rules and signatures
detecting common attacks
But the Snort Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. Those who learn best in the trenches--and don't have the hours to spare to pore over tutorials or troll online for best-practice snippets of advice--will find that the solutions offered in this ultimate Snort sourcebook not only solve immediate problems quickly, but also showcase the best tips and tricks they need to become security gurus--and still have a life.