[Snort-users] Books, URLS, Info On Reading & Understanding Snort Alerts

sunzi sunzi at ...8646...
Tue Jul 22 03:32:51 EDT 2003


Intrusion Signatures and Analysis
by Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick

http://www.amazon.com/exec/obidos/tg/detail/-/0735710635/

And when they say that it's 'better together' with Network Intrusion
Detection, there right :)

sunzi
----- Original Message ----- 
From: "Steve Nutt" <luckysnutt at ...5190...>
To: "Snort-Users at ...4481..." <snort-users at lists.sourceforge.net>
Sent: Monday, July 21, 2003 11:31 PM
Subject: [Snort-users] Books, URLS, Info On Reading & Understanding Snort
Alerts


> Need Information,
>
> I am trying to better understand how one would research and determine what
> is actually happening with the network alerts. I have snort and
snortsnarf.
> I get activity but I don't have a clue about how to go about validating
the
> actual alert. Does someone have a good site, book, magazine, class, user
> group etc. that will point me in the direction to acquire the knowledge to
> understand my alerts.
>
> I get an alert and GFI but spend hours reading about someone else's
attempts
> to understand the same thing.
>
> In serach of,
> Steve
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: VM Ware
> With VMware you can run multiple operating systems on a single machine.
> WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
> same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>





More information about the Snort-users mailing list