Snort Documents


Official Documentation
Title Author
Snort Users Manual | printable PDF Snort Team
Snort FAQ | printable version  
Setup Guides
Title Author
Snort Installation on SUSE 10.0 Boris Gomez
Slackware Snort Installation Guide Jeffrey Denton
Debian, Snort, Barnyard, BASE, & Oinkmaster Setup Guide Andy Firman
Snort 2.3.2/2.4.3 Install on FreeBSD 5.4 and 6.0 Henry Orlando Acevedo Lopez
Oinkmaster Installation and Configuration Guide Patrick S. Harper
Snort, Apache, SSL, PHP, MySQL, and BASE Install on CentOS 4, RHEL 4 or Fedora Core (updated for Snort 2.6.0. and NTOP) Patrick S. Harper
Snort, Apache, PHP, MySQL, ACID on Solaris 9 Installation Guide Guillaume Rix
Installing Freebsd, Mysql, and Snort Tutorial Keith Tokash
Snort Installation Manual - Snort, MySQL, Redhat 7.3 Steven J. Scott
Snort's Place in a Windows 2000 Environment Jon Bull
ACID: Installation and Configuration Roman Danyliw
Snort, MySQL 5, Apache, and BASE for Gentoo Linux Chris Vespermann
IDS Deployment Guides
Title Author
How To Guide: Intrusion Detection Systems Brian Laing, ISS.
Construction and Use of a Passive Ethernet Tap Michael Peters
100Mb IDS Tapping Diagram (with only 100bt span port) Jeff Nathan
100Mb IDS Tapping Diagram (with 1000bt span port) Jeff Nathan
GIGE IDS Tapping Diagram (with load balancers) Jeff Nathan
Requirements for Enterprise-Wide Scaling Intrusion Detection Products Detmar Liesen
Development Papers
Title Author
Target-based Stream Reassembly and Stream5 Technical Study Judy Novak/Steve Sturges of Sourcefire
Target-based TCP Timestamp Technical Study Judy Novak/Steve Sturges of Sourcefire
Snort Preprocessors Development Kickstart Charles Bedón and Andres Arboleda
Frag3 Development Paper Judy Novak of Sourcefire
Snort Development Diagrams Charles Bedón and Andres Arboleda
Snort - Lightweight Intrusion Detection for Networks Marty Roesch
Snort Database Plugin Documentation Roman Danyliw
SnortDB database schema Roman Danyliw
Snort-related Articles
Title Author
Evading NIDS, Revisited Sumit Siddharth
PaulDotCom Podcast with Marty Roesch PaulDotCom Security Weekly
Using Attack Responses to Improve Intrusion Detection Richard Bejtlich
Snort Inline Part 1 | Part 2 Pete Savage
Intrusion Detection and Prevention Learning Guide SearchSecurity
The Story of Snort: Past, Present and Future (incl. audio w/Marty) HNS Staff
Analyzing Snort Data with the Basic Analysis and Security Engine (BASE) Amy Rich (Sun)
School Traps Infected PCs PC World
Next-generation intrusion prevention: Defense before, during and after the attack Martin Roesch
Snort Technical Guide JP Vossen
Industry Papers
Title Author
ICMP Attacks Against TCP Fernando Gont
Weaknesses in Wireless LAN Session Containment Joshua Wright
Passive Network Discovery for Real Time Situation Awareness Annie De Montigny-Leboeuf, Frédéric Massicotte
Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection T. Ptacek, T. Newsham
IDS Zone Placement Diagram Scott Sanchez
Experiences Benchmarking Intrusion Detection Systems Marcus J. Ranum
NIST Special Publication on Intrusion Detection Systems Rebecca Bace, Peter Mell
A Data Mining Framework for Building Intrusion Detection Models Wenke Lee
Stateful Intrusion Detection for High-Speed Networks Christopher Kruegel, Fredrik Valeur, Giovanni Vigna, Richard A. Kemmerer
Threat Management: The State of Intrusion Detection Steven J. Scott
International Docs
Title Author
Snort 2.0 on Redhat 9 installation guide in German Klaus Pforte
Snort Slackware Installation Guide in Spanish Daniel Medianero
Snort Users Manual in Farsi Ebrahim MolavianJazi, IUT Network Security Lab
Snort Installation Guide - Portuguese Miquel Sampaio and Marco Silva, ESTG-IPLeiria-Portugal
NIDS Placement and Product Features - French David Bizeul and Oliver Badet
Snort Users Manual (Japanese) Translated by Japan Snort Users Group
Snort FAQ(Japanese) Translated by Japan Snort Users Group
Snort Installation Guide - Persian (farsi) Dadehban Security Solutions
Snort Installation Guide - French Fathi Ben Nasr
Snort Installation Guide - Turkish (RHEL 4, 2006-05) Seyhan Tekelioglu
Snort Installation Guide - Turkish Ozmen Emre DEMIRKOL
Snort, Apache, PHP, MySQL, and BASE on SuSe Setup Guide, in Russian zinfo@mail.ru
Snort Setup Guide, in Arabic Super@Security4Arab.net
Snort, ACID, and Checkpoint on Redhat 9.0 Installation Guide (in Turkish) Tolgay Ficici
MRTG + Snort - Russian, 2004-May Pavel Zaklyakov
The Three Snort Pigs. Snort Sensor Tuning Using SnortCenter - Russian, 2004-Mar Pavel Zaklyakov
More Suitable, Faster, Better: Snort + MySQL - Russian, 2003-Nov Pavel Zaklyakov
Detection of the Telecommunication Attacks: Theory and Practice, Snort - Russian, 2003-Oct Pavel Zaklyakov
Archived Webcasts
Title Date
Snort User Webcast Series - Intro to SNORT
access webcast | slides (pdf)
February 2008
Snort User Webcast Series - Writing Effective Rules Pt.1
access webcast | slides (pdf)
June 2008
Snort Books
Title: Network Intrusion Detection (3rd Edition)
Authors: Stephen Northcutt, Judy Novak

Title: Intrusion Signatures and Analysis
Authors: Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick

Title: Extrusion Detection: Security Monitoring for Internal Intrusions
Author: Richard Bejtlich

Title: IDS and IPS Toolkit (Jay Beale's Open Source Security)
Authors: Andrew Baker, Jay Beale, Brian Caswell

Title: Intrusion Prevention and Active Response: Deploying Network and Host IPS
Authors: Michael Rash, Angela Orebaugh, Graham Clark, Becky Pinkard, Jake Babbin

Title: Snort 2.1 Intrusion Detection
Authors: Andrew Baker, Jay Beale, Brian Caswell, Mike Poore

Title: Snort 2.0 Intrusion Detection
Authors: Jay Beale, James C. Foster, Jeffrey Posluns, Ryan Russell, Brian Caswell

Title: Intrusion Detection with Snort
Author: Jack Koziol

Title: Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID
Author: Rafeeq Rehman

Title: Snort for Dummies
Authors: Charlie Scott, Paul Wolfe, Bert Hayes

Title: Snort Cookbook
Authors: Angela D. Orebaugh, Simon Biles, Jacob Babbin

Title: Snort and IDS Tools
Authors: Kerry J. Cox, Christopher Gerg