Part 3: Snort 3 Packet Analysis
The third part of the book discusses packet processing in Snort 3 in detail, including packet acquisition, packet decoding, and the inspector component. This section will provide you with an in-depth understanding of the packet analysis process and how to configure each of the Snort modules.
This part has the following chapters:
- Chapter 6, Data Acquisition
- Chapter 7, Packet Decoding
- Chapter 8, Inspectors
- Chapter 9, Stream Inspectors
- Chapter 10, HTTP Inspector
- Chapter 11, DCE/RPC Inspectors
- Chapter 12, IP Reputation
