Securing Cisco Networks with Open Source Snort
Seminar
In Berlin, Wien (Österreich), Stuttgart und an 21 weiteren Standorten
Beschreibung
-
Kursart
Seminar
-
Ort
-
Dauer
4 Tage
*+ Technical understanding of TCP/IP networking and network architecture*+ Proficiency with Linux and UNIX text editing tools (vi editor is suggested but not required)
Standorte und Zeitplan
Lage
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Beginn
Hinweise zu diesem Kurs
This course is designed for technical professionals who need to know how to deploy open source intrusion detection systems (IDS) and intrusion prevention systems (IPS), as well as write Snort rules. The primary audience for this course includes:*+ Security administrators*+ Security consultants*+ Network administrators*+ System engineers*+ Technical support personnel using open source IDS and IPS*+ Channel partners and resellers
Meinungen
Themen
- Installation
- Cisco
- VPN
- WLAN
- Secure Network
- Cisco Systems
Inhalte
- Module 1: Intrusion Sensing technology, Challenges, and Sensor Deployment
- Module 2: Introduction to Snort Technology
- Module 3: Snort Installation
- Module 4: Cofiguring Snort for Database Output and Graphical Analaysis
- Module 5: Operating Snort
- Module 6: Snort Configuration
- Module 7: Configuring Snort Preprossors
- Module 8: Keeping Rules Up to Date
- Module 9: Budilidng a Distributed Snort Instalation
- Module 10: Basic Rule Syntax and Usage
- Module 11: Buildling a Snort IPS Installation
- Module 12: Rule Optimization
- Module 13: Using PCRE in Rules
- Module 14: Basic Snort Tuning
- Module 15: Using Byte_Jump/Test/Extract Rule Options
- Module 16: Protocol Modeling Concepts and Using Flowbits in Rule Writing
- Module 17: Case Studies in Rule Writing and Packet Analysis Lab Outline
- Lab 1: Install Snort and Its Components (Module 3)
- Lab 2: Barnyard2 Installation (Module 4)
- Lab 3: Barnyard and Snorby Configuration (Module 4)
- Lab 4: Operating Snort (Module 5)
- Lab 5: Configuring Your IDS/IPS Installation (Module 6)
- Lab 6: Portscan Configuration (Module 7)
- Lab 7: Stream Reassembly (Module 7)
- Lab 8: Pulled Pork Installation, Configuration, and Usage (Module 8)
- Lab 9: Building a Distributed Snort Installation (Module 9)
- Lab 10: Wrighting Custom Rules (Module 10)
- Lab 11: Building an Inline IPS (Module 11)
- Lab 12: Using the Drop Action (Module 11)
- Lab 13: Using the Replace Action (Module 11)
- Lab 14: Optimizing Rules (Module 12)
- Lab 15: Using and Testing PCRE in Rules (Module 13)
- Lab 16: Using Event Filtering (Module 14)
- Lab 17: Using Supression (Module 14)
- Lab 18: Configuring Rule Profiling (Module 14)
- Lab 19: Detecting SADMIND Trust with Byte_Jump and Byte_Test (Module 15)
- Lab 20: Using the Bitwise AND Operation in Byte_Test (Module 15)
- Lab 21: Detecting ZenWorks Directory Traversal with Byte_Extract (Module 15)
- Lab 22: Writing Flowbits Rules (Module 16)
- Lab 23: Research and Packet Analysis (Module 17)
- Lab 24: Revisiting the Kaminsky Vulnerability (Module 17)
Securing Cisco Networks with Open Source Snort