Security Books: Tools

From SecurityForest


Managing Security with Snort and IDS Tools

Name: Managing Security with Snort and IDS Tools
Authors: Christopher Gerg, Kerry J. Cox (Editor)
Publisher: O'Reilly; 1 edition (August, 2004)
Pages: 304
ISBN: 0596006616

Description: Many intrusion detection books are long on theory but short on specifics and practical examples. Not Managing Security with Snort and IDS Tools. This new book is a thorough, exceptionally practical guide to managing network security using Snort 2.1 (the latest release) and dozens of other high-quality open source intrusion detection programs. The book covers reliable methods for detecting network intruders, from using simple packet sniffers to more sophisticated IDS (Intrusion Detection Systems) applications and the GUI interfaces for managing them. A comprehensive but concise guide for monitoring illegal entry attempts, this invaluable new book provides step-by-step instructions to quickly get up and running with Snort, and how to shut down and secure workstations, servers, firewalls, routers, sensors and other network devices. Managing Security with Snort and IDS Tools maps out a proactive--and effective--approach to keeping your systems safe from attack.
Ranking: 4.5 stars
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0596006616/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)

Snort 2.1 Intrusion Detection, Second Edition

Name: Snort 2.1 Intrusion Detection, Second Edition
Authors: Jay Beale, Caswell
Publisher: Syngress; 2 edition (May, 2004)
Pages: 751
ISBN: 1931836043

Description: Called "the leader in the Snort IDS book arms race" by Richard Bejtlich, top Amazon reviewer, this brand-new edition of the best-selling Snort book covers all the latest features of a major upgrade to the product and includes a bonus DVD with Snort 2.1 and other utilities. Written by the same lead engineers of the Snort Development team, this will be the first book available on the major upgrade from Snort 2 to Snort 2.1 (in this community, major upgrades are noted by .x and not by full number upgrades as in 2.0 to 3.0). You will be given invaluable insight into the code base of Snort, and in-depth tutorials of complex installation, configuration, and troubleshooting scenarios. Snort has three primary uses: as a straight packet sniffer, a packet logger, or as a full-blown network intrusion detection system. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes. Snort uses a flexible rules language to describe traffic that it should collect or pass, a detection engine that utilizes a modular plug-in architecture, and a real-time alerting capability. A CD containing the latest version of Snort as well as other up-to-date Open Source security utilities will accompany the book.
Ranking: 5 stars
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/1931836043/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)

Nessus Network Auditing

Name: Nessus Network Auditing : Jay Beale's Open Source Security
Authors: Renaud Deraison, Noam Rathaus, HD Moore, Raven Alder, George Theall, Andy Johnston, Jimmy Alderson
Publisher: Syngress; 1 edition (September 30, 2004)
Pages: 544
ISBN: 1931836086

Description: This book focuses on installing, configuring and optimizing Nessus, which is a remote security scanner for Linux, BSD, Solaris, and other Unices. It is plug-in-based, has a GTK interface, and performs over 1200 remote security checks. It allows for reports to be generated in HTML, XML, LaTeX, and ASCII text, and suggests solutions for security problems. As with many open source programs, Nessus is incredibly popular, incredibly powerful, and incredibly under-documented. There are many Web sites (including nessus.org) where thousands of users congregate to share tips, tricks, and hints, yet no single, comprehensive resource exists. This book, written by Nessus lead developers, will document all facets of deploying Nessus on a production network.
Ranking: 4 stars
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/1931836086/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)

Ethereal Packet Sniffing

Name: Ethereal Packet Sniffing
Authors: Angela D. Orebaugh, Gilbert Ramirez, Ethereal.com
Publisher: Syngress; 1st edition (February 1, 2004)
Pages: 512
ISBN: 1932266828

Description: The only book available on the extremely popular, yet completely undocumented, Open Source security tool Ethereal. This book provides insider information on how to optimize performance of Ethereal on enterprise networks. The book comes with a CD containing Ethereal, Tethereal, Nessus, Snort, ACID, Barnyard, and more! This book shows how Ethereal compiles and runs (thanks to autoconf) on many flavors of UNIX (including Linux), and Windows. It shows how to capture packets from a number of different types of networking devices and how to read capture files taken earlier using either Ethereal or other programs such as tcpdump, snoop and various other network analyzer programs.
Ranking: 4.5 stars
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/1932266828/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)

Inside Network Perimeter Security

Name: Inside Network Perimeter Security : The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems
Authors: Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Fredrick, Ronald W. Ritchey
Publisher: Sams; 1st edition (June 28, 2002)
Pages: 650
ISBN: 0735712328

Description: The most practical, comprehensive solution to defending your network perimeter. Get expert insight from the industry's leading voices: Stephen Northcutt and the expertise of the SANS team. Inside Network Perimeter Security is a practical guide to designing, deploying, and maintaining network defenses. It discusses perimeter components such as firewalls, VPNs, routers, and intrusion detection systems, and explains how to integrate them into a unified whole to meet real-world business requirements. The book consolidates the experience of seventeen information security professionals working together as a team of writers and reviewers. This is an excellent reference for those interested in examining best practices of perimeter defense and in expanding their knowledge of network security. Because the book was developed in close coordination with the SANS Institute, it is also a valuable supplementary resource for those pursuing the GIAC Certified Firewall Analyst (GCFW) certification.
Ranking: 5 stars
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0735712328/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)

Honeypots - Tracking Hackers

Name: Honeypots - Tracking Hackers
Authors: Lance Spitzner
Publisher: Addison-Wesley Professional; Bk&CD-Rom edition (September 10, 2002)
Pages: 480
ISBN: 0321108957

Description: Spitzner defines the various types of "honeypots" that are used to emulate security breaches on computer networks, allowing system administrators to collect and analyze information on hackers who step into the trap. Spitzner, a senior security architect for Sun Microsystems, examines methods for honeypot deployment and addresses legal concerns about the rapidly growing technology that takes the offensive against computer crime. The included CD-ROM contains source code, data captures from actual attacks, and white papers.
Ranking: 5 stars
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0321108957/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
