[Snort-users] Books, URLS, Info On Reading & Understanding Snort Alerts

sunzi sunzi at ...8646...
Tue Jul 22 03:32:51 EDT 2003

Intrusion Signatures and Analysis
by Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick


And when they say that it's 'better together' with Network Intrusion
Detection, there right :)

----- Original Message ----- 
From: "Steve Nutt" <luckysnutt at ...5190...>
To: "Snort-Users at ...4481..." <snort-users at lists.sourceforge.net>
Sent: Monday, July 21, 2003 11:31 PM
Subject: [Snort-users] Books, URLS, Info On Reading & Understanding Snort

> Need Information,
> I am trying to better understand how one would research and determine what
> is actually happening with the network alerts. I have snort and
> I get activity but I don't have a clue about how to go about validating
> actual alert. Does someone have a good site, book, magazine, class, user
> group etc. that will point me in the direction to acquire the knowledge to
> understand my alerts.
> I get an alert and GFI but spend hours reading about someone else's
> to understand the same thing.
> In serach of,
> Steve
> -------------------------------------------------------
> This SF.net email is sponsored by: VM Ware
> With VMware you can run multiple operating systems on a single machine.
> WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
> same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

More information about the Snort-users mailing list