Securing Cisco Networks with Open Source Snort - SSFSNORT (Security)

Securing Cisco Networks with Open Source Snort - SSFSNORT (Security) Course Description

Duration: 4.00 days (32 hours)

Securing Cisco Networks with Open Source Snort is an instructor-led, lab-intensive course that introduces students to the open source Snort technology as well as rule writing. You will learn how to build and manage a Snort system using open source tools, plug-ins, and the Snort rule language to help manage, tune, and deliver feedback on suspicious network activity.

This course combines lecture materials and hands-on labs throughout to make sure that you are able to construct a solid, secure Snort installation and write Snort rules using proper syntax and structure.

Next Class Dates

Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.

Intended Audience for this Securing Cisco Networks with Open Source Snort - SSFSNORT (Security) Course

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel using open source IDS and IPS
  • Channel partners and resellers

Securing Cisco Networks with Open Source Snort - SSFSNORT (Security) Course Objectives

  • Understand what Snort is and its basic architectural components
  • Understand Snort's dynamic plug-in capabilities
  • Understand the different modes of Snort operation
  • Perform installation and configuration of the Snort system
  • Install and configure Snorby
  • Configure and tune the Snort pre-processors
  • Understand rule maintenance and techniques to keep rules current
  • Create Snort rules using both simple and advanced rule-writing techniques
  • Monitor performance of a Snort deployment

Securing Cisco Networks with Open Source Snort - SSFSNORT (Security) Course Outline

      1. Intrusion Sensing Technology, Challenges, and Sensor Deployment
      2. Introduction to Snort Technology
      3. Snort Installation
      4. Configuring Snort for Database Output and Graphical Analysis
      5. Operating Snort
      6. Snort Configuration
      7. Configuring Snort Preprocessors
      8. Keeping Rules Up to Date
      9. Building a Distributed Snort Installation
      10. Basic Rule Syntax and Usage
      11. Building a Snort IPS Installation
      12. Rule Optimization
      13. Using PCRE in Rules
      14. Basic Snort Tuning
      15. Using Byte_Jump/Test/Extract Rule Options
      16. Protocol Modeling Concepts and Using Flowbits in Rule Writing
      17. Case Studies in Rule Writing and Packet Analysis
      18. Labs
        1. Install Snort and Its Components (Module 3)
        2. Barnyard2 Installation (Module 4)
        3. Barnyard and Snorby Configuration (Module 4)
        4. Operating Snort (Module 5)
        5. Configuring Your IDS/IPS Installation (Module 6)
        6. Portscan Configuration (Module 7)
        7. Stream Reassembly (Module 7)
        8. Pulled Pork Installation, Configuration, and Usage (Module 8)
        9. Building a Distributed Snort Installation (Module 9)
        10. Writing Custom Rules (Module 10)
        11. Building an Inline IPS (Module 11)
        12. Using the Drop Action (Module 11)
        13. Using the Replace Action (Module 11)
        14. Optimizing Rules (Module 12)
        15. Using and Testing PCRE in Rules (Module 13)
        16. Using Event Filtering (Module 14)
        17. Using Suppression (Module 14)
        18. Configuring Rule Profiling (Module 14)
        19. Detecting SADMIND Trust with Byte_Jump and Byte_Test (Module 15)
        20. Using the Bitwise AND Operation in Byte_Test (Module 15)
        21. Detecting ZenWorks Directory Traversal with Byte_Extract (Module 15)
        22. Writing Flowbits Rules (Module 16)
        23. Research and Packet Analysis (Module 17)
        24. Revisiting the Kaminsky Vulnerability (Module 17)

Do you have the right background for Securing Cisco Networks with Open Source Snort - SSFSNORT (Security)?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.

This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.

Award winning, world-class Instructors

David M.
- Networking expert with several Cisco certifications, including CCENT, CCNA, CCDA, CCSI, and CCVP.
- Has taught over 90 courses at NetCom Learning.
- Average rating of 8.75 out of 9 on student evaluation reports.

Bio:

David has been in the Networking field for the past eleven years and holds several Cisco certifications. He has been an instructor since 2005 and has taught over 90 courses at NetCom Learning.

David is an extremely enthusiastic trainer with a raw passion for teaching and delivering Cisco information. He takes great pride in his career as an instructor, which has led him to develop and deliver the class in his own unique way: very professional and knowledgeable, yet pleasant and enjoyable. His classes have a high passing rate for students taking certification exams, and he averages 8.75 out of 9 on evaluation reports.

Michael G.
- Over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer.
- An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, as well as select Microsoft, Novell, CompTIA, Sun and CWNP courses.
- Highly skilled and acclaimed instructor. Has trained over 900 students at Netcom Learning.

Bio:

Michael has over 22 years of professional experience in the IT field, including more than a decade as a Certified Trainer. An expert in Cisco's Routing, Switching, Security, Voice and Wireless areas, Michael also teaches select Microsoft, Novell, CompTIA, Sun and CWNP courses.

Michael's dedication and passion for teaching are unmatched. He has trained over 900 students at Netcom Learning since 2006 and his evaluation scores average 8.7 out of 9.

William D.
- Bachelor's and Master's in Mathematics from University of Pennsylvania, in addition to several IT certifications.
- Over 20 years of experience in the IT industry; background ranges from engineering, administration and escalation support in networks.

Bio:

William is a highly skilled IT professional with Bachelor's and Master's degrees in Mathematics from University of Pennsylvania. He has been working in the IT industry for over 20 years, with experience in engineering, administration and escalation support in networks ranging from small to large-scale, complex enterprise environments.

As a Cisco and CompTIA Subject Matter Expert, he holds several certifications, including Cisco CCNA, CCNP, and CCIE. William is one of NetCom's top trainers, consistently scoring high marks in student evaluations.

Recent Client Testimonials & Reviews

Very knowledgeable instructor. True subject matter expert.

- Dameon R.

Course(s) Taken

» Implementing Cisco Voice Communications and QoS v8.0 - CVOICE

The instructor knows his material very well.

- Hung N.

Course(s) Taken

» Implementing Cisco Voice Communications and QoS v8.0 - CVOICE

Good Training company with whom we have a history.

- Swaminathayer M.

Course(s) Taken

» Deploying Cisco ASA Firewall Solutions v2.0 - FIREWALL
