Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES)

 

Quién debería asistir

This course is designed for technical professionals who need to know how to write rules and understand open source Snort language. The primary audience for this course includes:

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

Prerrequisitos

  • Technical understanding of TCP/IP networking and network architecture
  • Working knowledge of how to use and operate Cisco Sourcefire® Systems or open source Snort
  • Working knowledge of command-line text editing tools, such as the vi editor
  • Basic rule-writing experience is suggested

Objetivos del curso

  • Understand rule structure, rule syntax, rule options, and their usage
  • Configure and create Snort rules
  • Understand the rule optimization process to create efficient rules
  • Understand preprocessors and how data is presented to the rule engine
  • Create and implement functional Regular Expressions in Snort rules
  • Design and apply rules using byte_jump/test/extract rule options
  • Understand the concepts behind protocol modeling to write rules that perform better

Contenido del curso

Securing Cisco® Networks with Snort Rule Writing Best Practices (SSFRULES) is an instructor-led course offered by Learning Services High-Touch Delivery. It is a lab-intensive course that introduces students to the open source Snort community and rule-writing best practices.

Users focus exclusively on the Snort rules language and rule writing. Starting from rule syntax and structure to advanced rule-option usage, you will analyze exploit packet captures and put the rule writing theories learned to work—implementing rule-language features to trigger alerts on the offending network traffic.

This course also provides instruction and lab exercises on how to detect certain types of attacks, such as buffer overflows, utilizing various rule-writing techniques. You will test your rule-writing skills in two challenges: a theoretical challenge that tests knowledge of rule syntax and usage, and a practical challenge in which we present an exploit for you to analyze and research so you can defend your installations against the attack.

This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully understand and implement open source rules.

Classroom training

Duración 2 días

Precio (sin incluir impuestos)
  • Panama: US$ 2.995,-
  • Argentina: US$ 2.995,-
  • Brasil: 15.403,- BRL
  • Chile: US$ 2.995,-
  • Colombia: US$ 2.995,-
  • Costa Rica: US$ 2.995,-
  • México: US$ 2.995,-
  • Perú: US$ 2.995,-

  • Cisco Learning Credits: 30 CLC
Entrenamiento en línea

Duración 3 días

Precio (sin incluir impuestos)
  • Panama: US$ 2.995,-
  • Argentina: US$ 2.995,-
  • Chile: US$ 2.995,-
  • Colombia: US$ 2.995,-
  • Costa Rica: US$ 2.995,-
  • México: US$ 2.995,-
  • Perú: US$ 2.995,-
 
Presionar el boton sobre el nombre de la ciudad para reservar Calendario
Este es un curso en línea Guiado por un Instructor
América Latina
Europa
Reino Unido
Dec 4, 2019 - Dec 6, 2019 Entrenamiento en línea Zona Horaria: Europe/London Lenguaje del curso: Inglés Este curso será presentado por un socio
América del Norte
Estados Unidos de América
Oct 1, 2019 - Oct 3, 2019 Entrenamiento en línea Zona Horaria: US/Central Lenguaje del curso: Inglés Este curso será presentado por un socio
Canadá
Oct 1, 2019 - Oct 3, 2019 Entrenamiento en línea Zona Horaria: Canada/Central Lenguaje del curso: Inglés Este curso será presentado por un socio