This lab-intensive course introduces you to the open source Snort technology, as well as rule writing. Among other powerful features, you become familiar with:
- How to build and manage a Snort system
- How to update rules
- Snort rules language
- The capabilities of Snort when deployed passively and inline
The course begins by introducing the Snort technology and progresses through the installation and operation of Snort. You will discover the various output types that Snort provides and learn about automated rule management including how to deploy and configure Pulled Pork, inline operations, and how to create custom Snort rules, including advanced rule-writing techniques and OpenAppID.
This course combines lecture materials and hands-on labs that give you practice in deploying and managing Snort.