But in securing a computer system, this final layer of security is
frequently overlooked. "Too often people assume that the perimeter
protection of the firewall is sufficient to keep all attackers at bay, not
considering that attackers might just walk over the bridge through the
front gate," Orebaugh, Biles, and Babbin remind readers. "Attackers don't
kick down the door, they walk through it pretending to be someone else."

An intrusion detection system (IDS) doesn't exist to check the identity of
people coming through the firewall, but to keep an eye out for behavior
that's against the rules, rather like the security guard who watches to
see if someone is tampering with the lock on the door marked "Private."
Snort, the de facto open source standard of IDS, is capable of performing
real-time traffic analysis and packet logging on IP networks. It conducts
protocol analysis, content searching, and matching.  Snort is the security
guard placed on the network to make sure it stays secure.

The "Snort Cookbook" covers important issues that system administrators
and security professionals deal with every day, saving them countless
hours of sifting through dubious online advice or wordy tutorials to make
use of the full power of Snort. Presented in the popular
problem-solution-discussion format of O'Reilly cookbooks, each recipe
contains a clear and thorough description of the problem, a concise but
complete discussion of a solution, and real-world examples that illustrate
that solution. Topics include:

-Installation
-Optimization
-Logging
-Alerting
-Rules and signatures
-Detecting viruses
-Countermeasures
-Detecting common attacks
-Administration
-Honeypots
-Log analysis

But the "Snort Cookbook" offers more than quick cut-and-paste solutions to
frustrating security issues. Those who learn best in the trenches--but
don't have the hours to spare to hunt down best-practice snippets of
advice--will find solutions to immediate problems in this ultimate Snort
sourcebook. Its tips and tricks will help readers deploy Snort like
security gurus--and still have time to have a life.

Additional Resources:

Chapter 7, "Miscellaneous Other Uses," is available online at:
http://www.oreilly.com/catalog/snortckbk/chapter/index.html

For more information about the book, including table of contents, index,
author bios, and samples, see:
http://www.oreilly.com/catalog/snortckbk/index.html

For a cover graphic in JPEG format, go to:
ftp://ftp.ora.com/pub/graphics/book_covers/hi-res/0596007914.jpg

Snort Cookbook
Angela Orebaugh, Simon Biles, and Jacob Babbin
ISBN: 0-596-00791-4, 270 pages, $39.95 US, $55.95 CA
order@oreilly.com
1-800-998-9938
1-707-827-7000
http://www.oreilly.com
1005 Gravenstein Highway North
Sebastopol, CA 95472

About O'Reilly
O'Reilly Media, Inc. is the premier information source for leading-edge
computer technologies. The company's books, conferences, and web sites
bring to light the knowledge of technology innovators. O'Reilly books,
known for the animals on their covers, occupy a treasured place on the
shelves of the developers building the next generation of software.
O'Reilly conferences and summits bring alpha geeks and forward-thinking
business leaders together to shape the revolutionary ideas that spark new
industries. From the Internet to XML, open source, .NET, Java, and web
services, O'Reilly puts technologies on the map. For more information:
http://www.oreilly.com

# # #

O'Reilly is a registered trademark of O'Reilly Media, Inc. All other
trademarks are property of their respective owners.