Snort book recommendations?
I need to spend some off-screen time learning about Snort. Mostly about preprocessors and rules I think.
I was just going to throw a dart at one of these three books, but they are all from 2004-2007 (one of them even comes with a disk:)
- Snort Cookbook: Solutions and Examples for Snort Administrators by Angela Orebaugh 2005
- Managing Security with Snort and IDS Tools by Christopher Greg 2004
- Snort IDS and IPS Toolkit (Jay Beals Open Source Security) by Brian Casewell 2007
Will I get misled by these books because they are out of date? Any preferences or better alternatives?
NollipfSense last edited by
I use the snort user manual from the snort website.
Most of the "Book's" I have read tend to gloss over and do not go into enough
snort.org's docs would be my choice for sure, but I don't see them anywhere as an actual book. I've got some time for un-tethered reading but didn't want to print a bunch of stuff out. I'll probably just throw the dart :)
From: Joel Esler <jesler () sourcefire com>
Date: Wed, 25 Jan 2012 12:18:56 -0500
Author, and the book was outdated when it was published, and people are still buying it and I still receive a check
from it. But if I could, I'd pull the book from every shelf, because all it does is make my current job as community
manager harder. It covered Snort version 2.6 and was written during Snort 2.5, if that tells you the age of the book.
There were several chapters (including several mistakes in my own chapter) that are just plain wrong. I edited
several chapters of the book, and the changes were so heavy that they deemed I essentially rewrote them, and they
couldn't publish them as I wrote them because then the original author wouldn't get paid.