Toll Free - 877-442-3915


SSFSNORT - Securing Cisco Networks with Open Source Snort Course

SSFSNORT - Securing Cisco Networks with Open Source Snort - On-Demand Training Course

Course Description:

The SSFSNORT - Securing Cisco Networks with Open Source Snort course is a 4-day lab-intensive course that is designed to introduce students to the open source Snort technology, as well as rule writing. Among other powerful features, students will become familiar with:

  • Building and Managing a Snort system
  • Updating rules
  • Snort rules language
  • The capabilities of Snort when deployed passively and inline

The course begins with an introduction to the Snort technology and progresses through the installation and operation of Snort. Students will discover the various output types that Snort provides and learn about automated rule management, including how to deploy and configure Pulled Pork, inline operations, and how to create custom Snort rules, including advanced rule-writing techniques and OpenAppID.

This course combines lecture materials and hands-on labs that give students practice in deploying and managing Snort.

Topics covered in the course include:

  • Snort technology and the resources that are available for maintaining a Snort deployment
  • Installing Snort on a Linux-based operating system
  • Snort operation modes and their command-line options
  • Snort intrusion detection output options
  • Downloading and deploying a new rule set to Snort
  • Configuring the snort.conf file
  • Configuring Snort for inline operation and configuring the inline-only features
  • Snort basic rule syntax and usage
  • How traffic is processed by the Snort engine
  • Several advanced rule options used by Snort
  • OpenAppID features and functionality
  • How to monitor Snort performance and how to tune rules

Target Student:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel using open source IDS and IPS
  • Channel partners and resellers

Prerequisites:

Basic understanding of:

  • Networking and network protocols
  • Linux command line utilities
  • Text-editing utilities commonly found in Linux
  • Network security concepts


This is an On-Demand Self Study Class: 4 days of content, 365 days of unlimited access, for $1000.
Students can take this class at any time; there are no set dates. It covers the same content as the 4-day instructor-led class of the same name. The cost for this On-Demand class is $1000. (Applicable State and Local taxes may be added for On-Demand purchases, depending on your location.)

Course Syllabus

1. Intrusion Sensing Technology, Challenges, and Sensor Deployment

2. Introduction to Snort Technology

3. Snort Installation

4. Configuring Snort for Database Output and Graphical Analysis

5. Operating Snort

6. Snort Configuration

7. Configuring Snort Preprocessors

8. Keeping Rules Up to Date

9. Building a Distributed Snort Installation

10. Basic Rule Syntax and Usage

11. Building a Snort IPS Installation

12. Rule Optimization

13. Using PCRE in Rules

14. Basic Snort Tuning

15. Using Byte_Jump/Test/Extract Rule Options

16. Protocol Modeling Concepts and Using Flowbits in Rule Writing

17. Case Studies in Rule Writing and Packet Analysis

Labs:

Lab 1: Install Snort and Its Components

Lab 2: Barnyard2 Installation

Lab 3: Barnyard and Snorby Configuration

Lab 4: Operating Snort

Lab 5: Configuring Your IDS/IPS Installation

Lab 6: Portscan Configuration

Lab 7: Stream Reassembly

Lab 8: Pulled Pork Installation, Configuration, and Usage

Lab 9: Building a Distributed Snort Installation

Lab 10: Writing Custom Rules

Lab 11: Building an Inline IPS

Lab 12: Using the Drop Action

Lab 13: Using the Replace Action

Lab 14: Optimizing Rules

Lab 15: Using and Testing PCRE in Rules

Lab 16: Using Event Filtering

Lab 17: Using Suppression

Lab 18: Configuring Rule Profiling

Lab 19: Detecting SADMIND Trust with Byte_Jump and Byte_Test

Lab 20: Using the Bitwise AND Operation in Byte_Test

Lab 21: Detecting ZENworks Directory Traversal with Byte_Extract

Lab 22: Writing Flowbits Rules

Lab 23: Research and Packet Analysis

Lab 24: Revisiting the Kaminsky Vulnerability


Course Registration

Click below to register for the SSFSNORT - Securing Cisco Networks with Open Source Snort On-Demand class.



Course Title: SSFSNORT - Securing Cisco Networks with Open Source Snort
Format: On-Demand Course
Licence Period: 365-day User License
Price: $1000












"Great class!! Clear explanations of complex topics.
I could repeat lessons as many times as needed to make sure I mastered them."
- Thomas L (Akron, OH)

