[Snort-Users] new to snort and intrusion detection

Michael Boman michael.boman at ...4162...
Thu May 8 21:54:03 EDT 2003

On Fri, 2003-05-09 at 01:47, Jonathan Jesse wrote:
> What I’m looking for is some help on how to learn how to use snort to
> its fullest, any sources/documentation to the best use out of it?

Using snort and doing intrusion detection is two different beasts that
works hand-in-hand. Below I list some good books that can help you along
the way:

Network Intrusion Detection: An Analyst's Handbook
Stephen Northcutt, Donald McLachlan, Judy Novak
New Riders Publishing; ISBN: 0735710082

Intrusion Signatures and Analysis
Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick
New Riders Publishing; ISBN: 0735710635

Incident Response: Investigating Computer Crime
Chris Prosise, Kevin Mandia
McGraw-Hill Professional Publishing; ISBN: 0072131829

Snort Intrusion Detection 2.0
Ryan Russell
Syngress Media Inc, ISBN: 1931836744

The Protocols (TCP/IP Illustrated, Volume 1)
W. Richard Stevens
Addison-Wesley Pub Co, ISBN: 0201633469

To test yourself you can also try:

Hacker's Challenge : Test Your Incident Response Skills Using 20
Mike Schiffman
McGraw-Hill Osborne Media, ISBN: 0072193840

Hacker's Challenge 2: Test Your Network Security & Forensic Skills
Mike Schiffman, Bill Pennington, David Pollino, Adam J. O'Donnell
McGraw-Hill Osborne Media, ISBN: 0072226307

Best regards
 Michael Boman

Michael Boman
Security Architect, SecureCiRT Pte Ltd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030508/ecb9ecbf/attachment.sig>

More information about the Snort-users mailing list