Skip to navigation (Press Enter)
Skip to search (Press Enter)
Skip to course offerings (Press Enter)
Skip to content (Press Enter)

CI-SSFSNORT

Classroom training

Duration
4 days

Price

on request

Dates and Booking

Enquire a date

Continuing Education

20 CE Credits

Cisco

Securing Cisco Networks with Open Source Snort (SSFSNORT) – Outline

Детальна програма курсу

Module 1:Intrusion Sensing technology, Challenges, and SensorDeployment
Module 2:Introduction to Snort Technology
Module 3:Snort Installation
Module 4:Cofiguring Snort for Database Output and Graphical Analaysis
Module 5: Operating Snort
Module 6: Snort Configuration
Module 7: Configuring Snort Preprossors
Module8: Keeping Rules Up to Date
Module 9: Budilidng a Distributed Snort Instalation
Module 10: Basic Rule Syntax and Usage
Module 11: Buildling a Snort IPS Installation
Module 12: Rule Optimization
Module 13: Using PCRE in Rules
Module 14: Basic Snort Tuning
Module 15: Using Byte_Jump/Test/Extract Rule Options
Module 16: Protocol Modeling Concepts and Using Flowbits in Rule Writing
Module 17: Case Studies in Rule Writing and Packet Analysis

Lab Outline

Lab 1:Install Snort and Its Components (Module 3)
Lab 2:Barnyard2 Installation (Module 4)
Lab 3:Barnyard and Snorby Configuration (Module 4)
Lab 4:Operating Snort (Module 5)
Lab 5:Configuring Your IDS/IPS Installation (Module 6)
Lab 6:Portscan Configuration (Module 7)
Lab 7:Stream Reassembly(Module 7)
Lab 8:Pulled Pork Installation, Configuration, and Usage (Module 8)
Lab 9: Building a Distributed Snort Installation (Module 9)
Lab 10: Wrighting Custom Rules (Module 10)
Lab 11: Building an Inline IPS (Module 11)
Lab 12: Using the Drop Action (Module 11)
Lab 13: Using the Replace Action (Module 11)
Lab 14: Optimizing Rules (Module 12)
Lab 15: Using and Testing PCRE in Rules (Module 13)
Lab 16:Using Event Filtering (Module 14)
Lab 17: Using Supression (Module 14)
Lab 18: Configuring Rule Profiling (Module 14)
Lab 19: Detecting SADMIND Trust with Byte_Jump and Byte_Test (Module 15)
Lab 20: Using the Bitwise AND Operation in Byte_Test (Module 15)
Lab 21: Detecting ZenWorks Directory Traversal with Byte_Extract (Module 15)
Lab 22: Writing Flowbits Rules (Module 16)
Lab 23: Research and Packet Analysis (Module 17)
Lab 24: Revisiting the Kaminsky Vulnerability (Module 17)