Rating: ![3 stars](http://www.reviewfocus.com/images/stars-3-0.gif) Summary: Useful but pricey Review: I recommend this book but ... there are numerous (sometimes confusing) copy-editing errors and the things I'm most interested in (using ACID, using unified logs and using ACID with unified logs) are the most confusing. Given the length (500 pages) I'm surprised at certain omissions and puzzled why 20 pages are wasted on a program listing (the book comes with a comprehensive CD which includes the book in pdf format).
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: SNORT COMPLETE...with a great suite of utilities Review: I teach a graduate level course on Intrusion Detection. The core textbook is long on security concepts, network topographies, and is about 900 pages. It's long on theory and short on specifics---even shorter on actual tools and products. This book has proven to be a breath of fresh air. It provides detailed product specifics and is a reliable roadmap to actually rolling out an IDS. And I really appreciate the CD with Snort and the other IDS utilities. The author team is well connected with Snort.org and they obviously had carte blanche in writing this book. I've looked at the other books that have just come out and notice that (1) they are shorter and have much less information on the actual system administration of Snort and (2) they don't include software.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Good for even the experienced Snort user Review: I've been running Snort since the earliest versions and spend a lot of time on the mail lists, working through problems with other users, etc. I got this book about 6 months ago, read it all the way through, and since then have been referring to it whenever I've had questions or problems with Snort. I was initially going to post a review after my initial reading, but wanted to see if I experienced any buyer's remorse after putting the book through its paces a little bit more. Well, it's half a year later and I'm more impressed with it now than after my initial read. Every time I've had a question, I've found an answer in this book. I'm not quite sure what web site the reader from Maryland is visiting (it's certainly not the Snort site) where he found information anything like the Preprocessors chapter in this book. That chapter was obviously the result of some serious, independent research.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Definitely worth the money. Review: I've been using Snort for some time. I really like it, but I've always found it a little difficult to keep up with all of the features and everything. If you spend a lot of time on the snort.org site and on the mail lists you can learn a lot from everybody. But I don't always have the time to monitor the list or go through the archives. It is great now having everything I need to know in one book. Brian Caswell is the guy who makes all of the releases and keeps everything on the site maintained and he definitely knows his stuff.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Well Worth the Wait Review: I've been waiting for a long, long time to see a book focusing entirely on Snort- I was psyched to see this one hit my doorstep. Not only is this the only book you can get as of now, but it's on the money in terms of coverage. You can not go wrong with this one. Kudos to Mr. Russell and the rest of the authors.
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Don't run Snort without it Review: Snorty the pig has long needed a trustworthy manual; the free one on snort.org is good, but this book is great. Congratulations to the very knowledgeable author and reviewer team! Thank you for sparing a rehash of how TCP works or a general survey of intrusion detection, focusing on what matters and sharing your hard-earned Snort wisdom with us! This is a book about Snort, not about intrusion detection. You learn about all the parts of Snort, how to write a rule and tons and tons of auxiliary tools. Would I recommend this book to someone already running Snort? Yes! Would I recommend this book to someone considering deploying an IDS? Heck yes! In fact, if you attempt to deploy Snort on a production network without reading this book you should be instantly teleported out of your organization and into the "welcome to Walmart" greeter position at the nearest bigbox store of the world's largest corporation. The book is laid out in the typical readable, user-friendly Syngress fashion, including the FAQ at the end of the chapter. I like that. I have two very minor complaints (this is really 4.99999 stars instead of 5). The multiple pages of code without explanation in the back of the book should have been omitted or heavily commented. And I do not think sending the CDROM with the book was a good idea; Snort gets updated every couple weeks and the authors themselves "strongly recommend" getting the latest code from snort.org on page 75. Well worth the money; if you are even thinking about running an IDS, especially Snort, get the book now!
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: Wow! Review: Talk about detailed! This book covers it all, from the very basic "What does Snort do" to the very advanced features. Highly recommend it for any IT department or home-business owner who wish to improve their computers' security systems. Definitely opened my eyes as to who could be looking at my private files.
Rating: ![2 stars](http://www.reviewfocus.com/images/stars-2-0.gif) Summary: Too many mistakes Review: The technical content is ok, but I am extremely tired of reading books that contain so many grammatical mistakes that one gets irritated every time a page is turned. This publisher is notorious for this and emails I wrote to them were not answered. This is just not acceptable for an expensive book. Don't they have proofreaders?
Rating: ![5 stars](http://www.reviewfocus.com/images/stars-5-0.gif) Summary: There IS no competition for this book Review: This is a feature link from Snort.org for good reason. First, Brian Caswell knows more about Snort than anyone on the planet and it shows here. Secondly, the book is over 500 pages long, and is full of configuration examples. It is the ONE Snort book you need if you're actually running a corporate IDS. It's also the only book out there that includes Snort on CD (as well as ACID, BARNYARD AND SWATCH). Some of the other books are long on theory and short on substance---not this one. This pig flies. Highly recommended.