CCENT, CCNA, CCNP, CCDA, CCDP, CCDE, CCIE, CCSP, CCVP, CCIP.
Langly
Member
Posts:
222
Joined:
Tue Jul 14, 2009 11:59 pm
Certs:
CCENT

Books for learning Cisco IDS/IPS and maybe some Open Source

Thu Mar 29, 2012 1:53 pm

Fun question for you guys.

Since I am still very wet behind the ears for networking in general, I was wondering if anyone has suggestions for some good books to learn IDS/IPS the Cisco way? I don't plan on deploying any cisco based devices tragically, but I would like to learn the Cisco equipment anyways.

Also does anyone have any good suggestions for learning Snort based IDS boxes and Linux in general? For a work project I am doing both of those and my Linux experience is very limited.

I have a safari account so I can probably read a majority of the books people suggest, especially the Cisco ones.

:thankyou: to you guys for your help and advice in a lot of things. I've learned a lot from this forum and I love reading through to just absorb information about anything and everything and broaden my horizons

User avatar
ristau5741
Post Whore
Posts:
10179
Joined:
Tue Aug 21, 2007 2:15 pm
Certs:
Instanity

Re: Books for learning Cisco IDS/IPS and maybe some Open Sou

Thu Mar 29, 2012 2:17 pm

CCNA security should have some good information on the IDS/IPS in general terms,
the CCNP Secuirty IPS OCG would probably provide good in depth material for the IPS
Tips of the day:
- The human mind is the ultimate creation invention.
- I have so many customers, my customers have customers.
- Sausage time
- POP, stack, and store

Langly
Member
Posts:
222
Joined:
Tue Jul 14, 2009 11:59 pm
Certs:
CCENT

Re: Books for learning Cisco IDS/IPS and maybe some Open Sou

Thu Mar 29, 2012 2:41 pm

ristau5741 wrote:CCNA security should have some good information on the IDS/IPS in general terms,
the CCNP Secuirty IPS OCG would probably provide good in depth material for the IPS



Awesome, I've read some sections in the CCNP security books for other projects but I'll have to slate those books to be read in full.

I'm reading a book called Snort IDS and IPS Toolkit right now which has some pretty good info on snort. Its kind of out-dated but such is the life of open source software and books.

Anyone else have any other suggestions for books? Maybe some Cisco books from other sources besides Cisco press or Cisco Press books that go into more details like Security: SSL Remote Access VPNs which is a Cisco press book that goes into super detail on SSL.

User avatar
nicklauscombs
Ultimate Member
Posts:
669
Joined:
Thu Apr 17, 2008 11:13 am
Certs:
CCNP, CCNA: Security, JNCIA-FWV, JNCIA-SSL

Re: Books for learning Cisco IDS/IPS and maybe some Open Sou

Fri Mar 30, 2012 3:25 pm

the CCNP Security IPS book is probably one of the better "up to date" books on the subject.

Ocelaris
New Member
Posts:
38
Joined:
Wed Feb 01, 2012 12:47 pm
Certs:
CCNA

Re: Books for learning Cisco IDS/IPS and maybe some Open Sou

Thu Apr 05, 2012 4:41 pm

I'll touch on Linux briefly... find a way to make it useful to you in your job and/or home. Example, instead of buying a NAS appliance, build one. Instead of buying a media server, build one. Host a website on a Virtual Private Server, i.e. start with a centos or ubuntu distribution, and figure out how to install apache/mysql/php and like wordpress. Follow some guides from howtoforge.com . For security and linux, replace your home firewall with a linux appliance box, like pfsense or smoothwall. You'll also need to know ip tables etc... for your linux web server. Find something that motivates you to use it, and the rest will follow. Here's a cool blog I follow, and something to get you motivate to do more with linux networking:

http://louwrentius.com/blog/2012/02/exa ... ith-vlans/

Langly
Member
Posts:
222
Joined:
Tue Jul 14, 2009 11:59 pm
Certs:
CCENT

Re: Books for learning Cisco IDS/IPS and maybe some Open Sou

Thu Apr 05, 2012 5:07 pm

Ocelaris wrote:I'll touch on Linux briefly... find a way to make it useful to you in your job and/or home. Example, instead of buying a NAS appliance, build one. Instead of buying a media server, build one. Host a website on a Virtual Private Server, i.e. start with a centos or ubuntu distribution, and figure out how to install apache/mysql/php and like wordpress. Follow some guides from howtoforge.com . For security and linux, replace your home firewall with a linux appliance box, like pfsense or smoothwall. You'll also need to know ip tables etc... for your linux web server. Find something that motivates you to use it, and the rest will follow. Here's a cool blog I follow, and something to get you motivate to do more with linux networking:

http://louwrentius.com/blog/2012/02/exa ... ith-vlans/


Nice, I'll dig into your suggestions for sure. I have a centos box here at my desk for Snort and its working pretty well from what I've got. I'm gonna put Base on it for have a little gui and then try snorby out.

As for home, I have a windows box for my FS server but I am going to try to take an older computer to turn into a PFsense box for fun when I have time. I guess my biggest problem right now is time, I don't have enough. Finishing my CCNA finally and jumping right into CCNA Sec after that. I was reading the requirements for CCNA sec and I'm confident I could pass it with a month of studying

User avatar
alphaomegait
Member
Posts:
106
Joined:
Fri May 27, 2011 8:16 pm
Certs:
CCNP-S, CCSP, CCNA-S, CCNA, CCDA

Books for learning Cisco IDS/IPS and maybe some Open Source

Sat Apr 21, 2012 6:45 am

There is very little IPS help out there. I bought the ipexpert stuff for ccie security and it covers IPS really well. I would look at what they have to offer.

User avatar
nicklauscombs
Ultimate Member
Posts:
669
Joined:
Thu Apr 17, 2008 11:13 am
Certs:
CCNP, CCNA: Security, JNCIA-FWV, JNCIA-SSL

Re: Books for learning Cisco IDS/IPS and maybe some Open Sou

Sat Apr 21, 2012 9:45 am

alphaomegait wrote:There is very little IPS help out there. I bought the ipexpert stuff for ccie security and it covers IPS really well. I would look at what they have to offer.

i back this. the INE material covers the topics well as an alternate.

'

Return to Cisco Certifications

Who is online

Users browsing this forum: Exabot [Bot] and 9 guests