Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

IDS and IPS with Snort 3

You're reading from IDS and IPS with Snort 3 Get up and running with Snort 3 and discover effective solutions to your security issues

Product type Paperback

Published in Sep 2024

Publisher Packt

ISBN-13 9781800566163

Length 256 pages

Edition 1st Edition

Tools

Snort

Concepts

Network Security

Author (1):

Ashley Thomas

View More author details

Table of Contents (23) Chapters

Preface

1. Part 1: The Background

2. Chapter 1: Introduction to Intrusion Detection and Prevention FREE CHAPTER

3. Chapter 2: The History and Evolution of Snort

4. Part 2: Snort 3 – The New Horizon

5. Chapter 3: Snort 3 – System Architecture and Functionality

6. Chapter 4: Installing Snort 3

7. Chapter 5: Configuring Snort 3

8. Part 3: Snort 3 Packet Analysis

9. Chapter 6: Data Acquisition

10. Chapter 7: Packet Decoding

11. Chapter 8: Inspectors

12. Chapter 9: Stream Inspectors

13. Chapter 10: HTTP Inspector

14. Chapter 11: DCE/RPC Inspectors

15. Chapter 12: IP Reputation

16. Part 4: Rules and Alerting

17. Chapter 13: Rules

18. Chapter 14: Alert Subsystem

19. Chapter 15: OpenAppID

20. Chapter 16: Miscellaneous Topics on Snort 3

21. Index

Why subscribe?

22. Other Books You May Enjoy

HTTP inspector

Snort 3 supports two HTTP inspectors: http_inspect and http2_inspect. We will look at both inspectors in this section.

The HTTP Inspect (inspector) module analyzes the HTTP requests and responses. The module depends on the Stream TCP inspector to provide TCP data as a continuous (reassembled) stream of bytes. The module has a splitter component – HTTPStreamSplitter – that divides the TCP stream into HTTP protocol data units (PDUs). The HTTP PDUs are individual HTTP requests and responses. The operation of the HTTP Inspector module is shown at a high level in Figure 10.1:

Figure 10.1 – The stream_tcp module provides a stream of bytes to the HTTP inspector, which divides into HTTP PDUs

Figure 10.1 – The stream_tcp module provides a stream of bytes to the HTTP inspector, which divides into HTTP PDUs

The HTTP inspector analyzes, parses, and makes available the HTTP message in sections. Subsequently, the following message sections of an HTTP request are available to be matched against for detection:

Request line: This is the...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Ashley Thomas

Ashley Thomas

Ashley Thomas is a security researcher at Dell SecureWorks and a member of the Counter Threat Unit team. Before this role, he was instrumental in building the iSensor, a proprietary network intrusion prevention system. Ashley has a master's in computer networking from North Carolina State University, and he also holds several other certifications, including CISSP, GCIA, GREM, GCLD, and GWEB. He has authored several papers on intrusion detection and holds several patents in this field.

See other products by Ashley Thomas

Personalised recommendations for you

Based on your interests and search pattern

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m