Snort Intrusion Detection and Prevention Toolkit
2008-11-07 19:20
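Copyright notice: this is an original work. Reproduction is permitted, provided that the original publication, the author information and this notice are indicated by hyperlink; otherwise legal liability will be pursued. http://blog.csdn.net/topmvp - topmvp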
The accompanying CD contains examples from real attacks, allowing readers to test their new skills. The book will begin with a discussion of packet inspection and the progression from intrusion detection to intrusion prevention. The authors provide examples of packet inspection methods including: protocol standards compliance, protocol anomaly detection, application control, and signature matching. In addition, application-level vulnerabilities including Binary Code in HTTP headers, HTTP/HTTPS Tunneling, URL Directory Traversal, Cross-Site Scripting, and SQL Injection will also be analyzed. Next, a brief chapter on installing and configuring Snort will highlight various methods for fine-tuning your installation to optimize Snort performance including hardware/OS selection, finding and eliminating bottlenecks, and benchmarking and testing your deployment. A special chapter also details how to use Barnyard to improve the overall performance of Snort. Next, best practices will be presented allowing readers to enhance the performance of Snort for even the largest and most complex networks. The next chapter reveals the inner workings of Snort by analyzing the source code. The next several chapters will detail how to write, modify, and fine-tune basic to advanced rules and pre-processors. Detailed analysis of real packet captures will be provided both in the book and the accompanying CD. Several examples for optimizing output plugins will then be discussed including a comparison of MySQL and PostgreSQL. Best practices for monitoring Snort sensors and analyzing intrusion data follow with examples of real-world attacks using: ACID, BASE, SGUIL, SnortSnarf, Snort_stat.pl, Swatch, and more.
http://rapidshare.com/files/27240612/_1597490997_Snort_Intrusion_Detection_and_Prevention_Toolkit.rar http://depositfiles.com/files/800437 http://rapidshare.com/files/27937948/b-676b01.zip