This course on intrusion detection with Snort aims to teach learners about intrusion detection systems, the different versions of Snort, Snort rules, and how to configure and use Snort effectively. By the end of the course, students will have gained practical experience in installing Snort, creating rules, running Snort, and utilizing logging features. The teaching method involves a combination of theoretical explanations and hands-on demonstrations in a lab environment. This course is intended for individuals interested in network security, particularly those looking to enhance their skills in intrusion detection and prevention.
Overview
Syllabus
Introduction
What We’ll Be Covering
Prerequisites
What Are Intrusion Detection Systems?
Introduction to Snort
What are the Different Versions of Snort?
What are Snort Rules?
Snort Rule Syntax
How Does Snort Work?
Snort IDS Network Placement
About Our Lab Environment
On to the Practical Demo
Installing Snort
How to Enable Promiscuous Mode
How to Examine the Manual for Snort
Snort Configuration
Testing Our Configuration File
Creating Basic Rules
How to Run Snort
Writing Another Rule
Verifying Our New Rule
How to Use Snorpy
Let’s Examine Community Rules
How to use Logging in Snort
Conclusion
Taught by
Linode
