Securing Networks with Open-Source Snort Bootcamp

Attendees will learn how to define the use and placement IDS/IPS components, identify Snort features and requirements, compile and install Snort, define, and use different modes of Snort and install and utilize Snort supporting software.

Engineers that require an in-depth knowledge of Open-Source Snort.

Attendees will learn how to define the use and placement IDS/IPS components, identify Snort features and requirements, compile and install Snort, define, and use different modes of Snort and install and utilize Snort supporting software.

Detecting Intrusions with Snort 3.0

    • History of Snort
    • IDS
    • IPS
    • IDS vs. IPS
    • Examining Attack Vectors
    • Application vs. Service Recognition

Sniffing the Network

    • Protocol Analyzers
    • Configuring Global Preferences
    • Capture and Display Filters
    • Capturing Packets
    • Decrypting Secure Sockets Layer (SSL) Encrypted Packets

Architecting Nextgen Detection

    • Snort 3.0 Design
    • Modular Design Support
    • Plug Holes with Plugins
    • Process Packets
    • Detect Interesting Traffic with Rules
    • Output Data

Choosing a Snort Platform

    • Provisioning and Placing Snort
    • Installing Snort on Linux

Operating Snort 3.0

    • Topic 1: Start Snort
    • Monitor the System for Intrusion Attempts
    • Define Traffic to Monitor
    • Log Intrusion Attempts
    • Actions to Take When Snort Detects an Intrusion Attempt
    • License Snort and Subscriptions

Examining Snort 3.0 Configuration

    • Introducing Key Features
    • Configure Sensors
    • Lua Configuration Wizard

Managing Snort

    • Pulled Pork
    • Barnyard2
    • Elasticsearch, Logstash, and Kibana (ELK)

Analyzing Rule Syntax and Usage

    • Anatomy of Snort Rules
    • Understand Rule Headers
    • Apply Rule Options
    • Shared Object Rules
    • Optimize Rules
    • Analyze Statistics

Use Distributed Snort 3.0

    • Design a Distributed Snort System
    • Sensor Placement
    • Sensor Hardware Requirements
    • Necessary Software
    • Snort Configuration
    • Monitor with Snort

Examining Lua

    • Introduction to Lua
    • Get Started with Lua

It is highly recommended to attend Securing Networks with Cisco Firepower Next Generation Firewall Bootcamp.

Share this course to someone
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on whatsapp
WhatsApp
Share on email
Email
Share on print
Print