[Snort-users] Snort Tool Evaluation

Ty Bodell tebodell at ...11827...
Tue Sep 28 23:15:10 EDT 2004


Mr. Geschke--
I did read this book actually, and I'm not proclaiming it's a bible or
anything.  In fact, it's little more than a tool reference, listing
switches to the tools and options in the interfaces for third party
tools related to snort.  But, it does cover a majority of the tools
and this was why I was suggesting this to Jo.  To get a handle on the
tools mentioned in this book related to snort and extract pro's and
con's for using each one.

I also did read Snort 2.1 Intrustion Detection Second Edition Upgrade
and yes, I must concurr with and second your opinion.  There is no
better reference or doc that covers snort in all the ways that an
admin needs to know.

Best,
Ty Bodell


On Tue, 28 Sep 2004 21:06:38 +0200, Dirk Geschke <dirk_geschke at ...1344...> wrote:
> Hi Ty,
> 
> > Checkout the book "Managing Security with Snort and IDS Tools".  It's
> > an Oreilly book and it goes over a good amount of the tools designed
> > for snort.  From preprocessors to Web interfaces and Consoles, what
> > works with High Bandwidth deployments, etc.  I don't believe it covers
> > OpenAanval though.  You can extract the pro's and cons from there.
> 
> did you read this book? I just did this and it is by far the uggliest
> book I have seen either by O'Reilly or covering snort.
> 
> If you read the documentation which comes with snort you will get
> better informations than this book will give you.
> 
> If you are looking for a good book then take
> 
> Snort 2.1 Intrusion Detection, Second Edition ISBN 1-931836-04-3
> by Brian Caswell and Jay Beale
> 
> (Ok, I didn't read this book but the first edition covering snort-2.0
> and this book was quite useful. So I expect the second edition will be too.)
> 
> Best regards
> 
> Dirk
> 
> PS: There are more books on snort available but I read this two books.
> So I can't say anything to the other ones. They might be good or not but
> the O'Reilly book is definitively not useful.
>




More information about the Snort-users mailing list