Hi All,

I'm looking to possibly need to make use of snort and its packet filtering/inspection abilities to help cover for PCI.

I've searched Amazon, but nothing really stand out, there is a new one (2007 - Snort Intrusion Detection and Prevention Toolkit), or slightly older ones... Managing Security with Snort & IDS Tools - 2004, Snort Cookbook - 2005, Snort for Dummies - 2004.

Now i'm tempted in just going for the latest one, but i'm completely new to snort so perhaps it needs another book like snort for dummies to get started ;-P

Cheers all for any comments,
M

If you haven't taken a look at it yet, try "Intrusion Detection Systems with Snort". It is a little dated (2003), but it is available for free (download) and would be worth looking into before you spend money on a book.

Gonna play devil's advocate: most books on the subject are gonna be pretty much "money well spent", IMO, especially Snort Intrusion Detection and Prevention Toolkit. Since you mentioned PCI, I'm assuming this is for a workplace setup. If that's the case, a document dated 2003 may not be enough. I'd get the free ebook and the IRL book just for comparison purposes. I'd not do this on the cheap (you're gonna get what you pay for, in most cases), because if this is a rateable task (meaning that you'll see success or failure noted in a performance review), you might want to ensure you know as much as possible on Snort implementation.

Just my 2 cents...

I have downloaded the 2003 PDF and will have a read through. I will most likely also buy a book as well perhaps the 2003 book will give me a good starting base and then the newest 2007 book for keeping it as new as possible.

Good tips! Thanks!!

The Snort manual is basically an almost 200 page book and it's updated.

1 members found this post helpful.

Thanks, I have already got and downloaded that. Should have mentioned that i guess. But yes, i just think its nice to get the side from people implementing it with good examples etc etc, not always in the manuals.