Snort Intrusion Detection, Rule Writing, and PCAP Analysis
Snort Intrusion Detection, Rule Writing, and PCAP Analysis
Video: .mp4 (1280x720, 30 fps(r)) | Audio: aac, 48000 Hz, 2ch | Size: 497 MB
Genre: eLearning Video | Duration: 2.5 hours | Language: English
Video: .mp4 (1280x720, 30 fps(r)) | Audio: aac, 48000 Hz, 2ch | Size: 497 MB
Genre: eLearning Video | Duration: 2.5 hours | Language: English
Learn how to write Snort rules from a real cybersecurity professional with lectures and hands-on lab exercises.
What you'll learn
Write Snort Rules
Analyze PCAPS using Wireshark and Tcpdump
Create Virtual Machines using VirtualBox
Configure Security Onion
Test Snort rules using automated scripts
Analyze Snort NIDS alerts using Squert
Configure Kali Linux
Test exploits and analyze resulting network traffic
Requirements
Basic networking knowledge
Basic Linux command line interface knowledge
Basic knowledge about operating systems and virtualization.
Description
Hello everybody. My name is Jesse Kurrus, and I’ll be your professor for the duration of the Snort Intrusion Detection, Rule Writing, and PCAP Analysis course. This course will consist of written material to go over on your own pace, and labs to reinforce the concepts from the provided resources. To follow along with these labs, you'll need a VirtualBox, Security Onion, Kali Linux, and Windows 7 VMs. These are all free and open source, including the Windows 7 VM which is available free for development purposes.
This course is 100% hands-on, save for the initial introduction. Please be prepared to follow along with these labs.
The following are the hands-on labs. Please refer to the course for full descriptions:
Lab 1: Setting up Security Onion with VirtualBox
Lab 2: Boleto Malware Snort Rule Writing and PCAP Analysis
Lab 3: Vetting Snort Rule Quality with Dumbpig
Lab 4: Utilizing Offset and Depth in a Snort Rule
Lab 5: Kali Linux Setup with VirtualBox
Lab 6: Snort Rule Writing (SSH and FTP)
Lab 7: Windows 7 Eternalblue Vulnerable VM VirtualBox Setup
Lab 8: Windows 7 Eternalblue Exploitation and Snort/PCAP Analysis
Lab 9: Eternalblue PCAP Analysis and Snort Rule Writing
Lab 10: Ubuntu Server 12.04 Vulnerable VM VirtualBox Setup
Lab 11: Ubuntu Server 12.04 Heartbleed Exploitation and Snort/PCAP Analysis
Lab 12: Heartbleed PCAP Analysis and Snort Rule Writing
Who this course is for:
Cybersecurity Professionals
Information Security Analysts
Network Security Analysts
SOC Analysts
Cybersecurity Students
Snort Intrusion Detection, Rule Writing, and PCAP Analysis
