Sie befinden Sich nicht im Netzwerk der Universität Paderborn. Der Zugriff auf elektronische Ressourcen ist gegebenenfalls nur via VPN oder Shibboleth (DFN-AAI) möglich. mehr Informationen...
Chapter 1: From IDS to IPS and Beyond -- Chapter 2: Packet Inspection for Intrusion Analysis -- Chapter 3: Installing Snort for Optimum Performance -- Chapter 4: Fine Tuning Snort for Speed -- Chapter 5: Improving Snort Performance with Barnyard -- Chapter 6: Analyzing Snorts Source Code and Inner Workings -- Chapter 7: Writing, Modifying, and Optimizing Preprocessors -- Chapter 8: Writing, Modifying, and Optimizing Rules -- Chapter 9: Mastering Output Plug-Ins, Reporting, and Log Management -- Chapter 10: Best Practices for Monitoring Sensors -- Chapter 11: Real World Attack Analysis -- Chapter 12: Active Response and Intrusion Prevention -- Chapter 13: Forensic Analysis and Incident Handling -- Chapter 14: Building a Honeynet with Snort
This all new book covering the brand new Snort version 2.6 from members of the Snort developers team. This fully integrated book, CD, and Web toolkit covers everything from packet inspection to optimizing Snort for speed to using the most advanced features of Snort to defend even the largest and most congested enterprise networks. Leading Snort experts Brian Caswell, Andrew Baker, and Jay Beale analyze traffic from real attacks to demonstrate the best practices for implementing the most powerful Snort features. The accompanying CD contains examples from real attacks allowing readers test their new skills. The book will begin with a discussion of packet inspection and the progression from intrusion detection to intrusion prevention. The authors provide examples of packet inspection methods including: protocol standards compliance, protocol anomaly detection, application control, and signature matching.^