This eBook explains and simplifies every aspect of deploying and managing Snort in your network.
You'll discover how to monitor all your network traffic in real time; update Snort to reflect new security threats; automate and analyze Snort alerts; and more. Best of all, Rehman's custom scripts integrate Snort with Apache, MySQL, PHP, and ACID - so you can build and optimize a complete IDS solution more quickly than ever before.
- An expert introduction to intrusion detection and the role of Snort
- Writing and updating Snort rules to reflect the latest attacks and exploits
- Detailed coverage of Snort plug-ins, preprocessors, and output modules
- Logging alerts to a MySQL database
- Using ACID to search, process, and analyze security alerts
- Using SnortSnarf to analyze Snort log files
- XML support for Snort via the Simple Network Markup Language (SNML)