Fun question for you guys.

Since I am still very wet behind the ears for networking in general, I was wondering if anyone has suggestions for some good books to learn IDS/IPS the Cisco way? I don't plan on deploying any cisco based devices tragically, but I would like to learn the Cisco equipment anyways.

Also does anyone have any good suggestions for learning Snort based IDS boxes and Linux in general? For a work project I am doing both of those and my Linux experience is very limited.

I have a safari account so I can probably read a majority of the books people suggest, especially the Cisco ones.

to you guys for your help and advice in a lot of things. I've learned a lot from this forum and I love reading through to just absorb information about anything and everything and broaden my horizons

CCNA security should have some good information on the IDS/IPS in general terms,
the CCNP Secuirty IPS OCG would probably provide good in depth material for the IPS

_________________
"If you're good at anticipating the human mind. It leaves nothing to chance."
-Jigsaw

Awesome, I've read some sections in the CCNP security books for other projects but I'll have to slate those books to be read in full.

I'm reading a book called Snort IDS and IPS Toolkit right now which has some pretty good info on snort. Its kind of out-dated but such is the life of open source software and books.

Anyone else have any other suggestions for books? Maybe some Cisco books from other sources besides Cisco press or Cisco Press books that go into more details like Security: SSL Remote Access VPNs which is a Cisco press book that goes into super detail on SSL.

the CCNP Security IPS book is probably one of the better "up to date" books on the subject.

I'll touch on Linux briefly... find a way to make it useful to you in your job and/or home. Example, instead of buying a NAS appliance, build one. Instead of buying a media server, build one. Host a website on a Virtual Private Server, i.e. start with a centos or ubuntu distribution, and figure out how to install apache/mysql/php and like wordpress. Follow some guides from howtoforge.com . For security and linux, replace your home firewall with a linux appliance box, like pfsense or smoothwall. You'll also need to know ip tables etc... for your linux web server. Find something that motivates you to use it, and the rest will follow. Here's a cool blog I follow, and something to get you motivate to do more with linux networking:

http://louwrentius.com/blog/2012/02/exa ... ith-vlans/

Nice, I'll dig into your suggestions for sure. I have a centos box here at my desk for Snort and its working pretty well from what I've got. I'm gonna put Base on it for have a little gui and then try snorby out.

As for home, I have a windows box for my FS server but I am going to try to take an older computer to turn into a PFsense box for fun when I have time. I guess my biggest problem right now is time, I don't have enough. Finishing my CCNA finally and jumping right into CCNA Sec after that. I was reading the requirements for CCNA sec and I'm confident I could pass it with a month of studying

There is very little IPS help out there. I bought the ipexpert stuff for ccie security and it covers IPS really well. I would look at what they have to offer.

i back this. the INE material covers the topics well as an alternate.