You're reading from IDS and IPS with Snort 3 Get up and running with Snort 3 and discover effective solutions to your security issues

Product type Paperback

Published in Sep 2024

Publisher Packt

ISBN-13 9781800566163

Length 256 pages

Edition 1st Edition

Tools

Snort

Concepts

Network Security

Author (1):

Ashley Thomas

View More author details

Table of Contents (23) Chapters

Preface

1. Part 1: The Background

2. Chapter 1: Introduction to Intrusion Detection and Prevention FREE CHAPTER

3. Chapter 2: The History and Evolution of Snort

4. Part 2: Snort 3 – The New Horizon

5. Chapter 3: Snort 3 – System Architecture and Functionality

6. Chapter 4: Installing Snort 3

7. Chapter 5: Configuring Snort 3

8. Part 3: Snort 3 Packet Analysis

9. Chapter 6: Data Acquisition

10. Chapter 7: Packet Decoding

11. Chapter 8: Inspectors

12. Chapter 9: Stream Inspectors

13. Chapter 10: HTTP Inspector

14. Chapter 11: DCE/RPC Inspectors

15. Chapter 12: IP Reputation

16. Part 4: Rules and Alerting

17. Chapter 13: Rules

18. Chapter 14: Alert Subsystem

19. Chapter 15: OpenAppID

20. Chapter 16: Miscellaneous Topics on Snort 3

21. Index

Why subscribe?

22. Other Books You May Enjoy

Conventions used

There are a number of text conventions used throughout this book.

Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: “Another key component that was included in this release was the IP defrag module.”

A block of code is set as follows:

alert tcp any any -> $HOME_NET [80,8080] (msg:"SQL Injection Detected"; flow:established,to_server; http_uri; content:"/wordpress/wp-content/plugins/demo_vul/endpoint.php"; content:"union"; distance:0; http_uri; content:"select"; distance:0; nocase; content:"from"; distance:0; nocase; sid:123;)

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

http://acunetix.php.example/wordpress/wp-content/plugins/demo_vul/endpoint.php?user=-1+union+select+1,2,3,4,5,6,7,8,9,(SELECT+user_pass+FROM+wp_users+WHERE+ID=1)

Any command-line input or output is written as follows:

sudo dnf install -y flex bison gcc gcc-c++ make cmake automake autoconf libtool curl pkgconf

Bold: Indicates a new term, an important word, or words that you see on screen. For instance, words in menus or dialog boxes appear in bold. Here is an example: “It can be noted that the Total Length field is 16 bits.”

Tips or important notes

Appear like this.

The rest of the chapter is locked

You're reading from IDS and IPS with Snort 3 Get up and running with Snort 3 and discover effective solutions to your security issues

Table of Contents (23) Chapters

Conventions used

Authors (1)

Personalised recommendations for you

You're reading from IDS and IPS with Snort 3 Get up and running with Snort 3 and discover effective solutions to your security issues

Table of Contents (23) Chapters

Conventions used

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you