Snort 2.1 Intrusion Detection

This is the second edition of the international best-seller Snort 2.0 Intrusion Detection book, first dreamed up and brought to life by Brian Caswell. Mike Poor, Toby Kohlenberg and I teamed up with Brian to direct this second edition, which brought substantial changes from the first. We rewrote a number of the chapters, updated others, and added a chapter on Barnyard (a boon to speed) written by its creator, Andrew Baker. The rest of the author team did a magnificent job, helping us to add a lot of material to the book.

I especially enjoyed working with the editor team. Mike brought a world of background from teaching IDS through SANS, helping organizations better deploy and tune Snort as a consultant, and working on Snort through Sourcefire's Research group. Toby has an amazing wealth of enterprise experience from creating a serious IDS capability at a Fortune 500 company, and Brian Caswell brings a background from contributing to Snort's development for years, writing the bulk of its rules and doing some really creative things with the tool.

Don't just believe me, though. Read the reviews from Amazon. Harold McFarland writes a strong review that begins with: "If you want to know about Snort 2.1, one of the best open source intrusion detection systems available, then 'Snort 2.1 Intrusion Detection, Second Edition' is the book you will want to have." Richard Bejtlich, while somewhat critical but always fair, still writes a strong review that calls the book the best Snort book. His review takes you through the substantial changes we made to this edition.