[Snort-users] Where or how to interpret this
erek at ...577...
Sun Apr 8 14:53:19 EDT 2001
On Sun, 8 Apr 2001, shawn . moyer wrote:
> Hrmmm... I've been told Stephen Northcutt's book "Intrusion Detection:
> An Analyst's Handbook" is good. There are several O'Reilly books on
> TCP/IP that I've found useful, also "Building Internet Firewalls", and
> "Practical Unix and Internet Security".
Northcutt's is well worth getting. IMHO, if you get no other books, I'd
suggest Northcutt's Intrusion Detection (2nd ed. just came out in Sept), and
W. Richard Stevens' "TCP/IP Illustrated, Volume 1: The Protocols".
> As far as websites: http://packetstorm.securify.com and
> http://www.securityfocus.com are two of the most useful, although
> Securityfocus' new frame-ified layout is painful to navigate. Also
> http://phrack.infonexus.com if you want to do some historical reading.
It's amazing the amount of technical details you can find in the Phracks.
It's also amazing the amount of cruft that's in there. ;-)
More information about the Snort-users