[Snort-users] Course on IDS Log Interpertation

Dr SuSE drsuse at ...748...
Tue Nov 21 21:54:54 EST 2000


Sans has some courses.  Right now I'm enrolled in the GSEC course and so
far it's been pretty good.  They also have have a course just for NIDS but
I forgot what it's called.  There are also a couple of books you might
want to look into getting.

Network Intrusion Detection An Analyst's Handbook
By Stephen Northcutt
ISBN 0735708681

TCP/IP Illustrated, Volume 1 The Protocols
By W. Richard Stevens
ISBN 0201633469

Both of these books have helped me and I think the cheapest place I found
them was at bookpool.com  I got them new for the same price amazon charges
for the used book.

Marty, any plans for a Snort book?  I'd purchase a Snort book if one was
available....hint hint :)

Dr SuSE

"Microsoft ist nicht installiert"

On Wed, 22 Nov 2000, Christopher Northrop wrote:

> Yo group,
> 
>      Just wondering if anyone has heard of any courses on "The Art of
> Interpreting your IDS data/logs".  Maybe some guru out there might consider
> offering a similar course? Hands on would be nice..
> 
> Chris N.
> _____________________
> "Danger, Danger, Danger-
> Best not muck with it, If you
> know what's good for you"
> Steve Irwin,
> A.K.A.- Croc. Hunter
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-users
> 




More information about the Snort-users mailing list