Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

SSFRULES - Securing Cisco Networks with Snort® Rule Writing Best Practices

Learn to analyze, exploit packet captures, and put the rule writing theories learned to work by implementing rule-language features for triggering alerts on the offending network traffic.

GK# 5827

Course Overview

This course focuses exclusively on the SnortĀ® rules language and rule writing. Starting from rule syntax and structure to advanced rule-option usage, you will analyze exploit packet captures and put the rule writing theories learned to work by implementing rule-language features for triggering alerts on the offending network traffic.

This course also provides instruction and lab exercises on how to detect certain types of attacks (such as buffer overflows) while utilizing various rule-writing techniques. You will test your rule-writing skills in two challenges: a theoretical challenge that tests knowledge of rule syntax and usage, and a practical challenge in which we present an exploit for you to analyze and research so you can defend your installations against the attack.

This course combines lecture materials and hands-on labs throughout to make sure that you are able to thoroughly understand and implement open source rules.

Delivery Format Options

  • Classroom Live

    Classroom Live

    Receive face-to-face instruction at one of our training center locations.

    From

    $4060 CAD

    3 day

  • Virtual Classroom Live

    Virtual Classroom Live

    Experience expert-led online training from the convenience of your home, office or anywhere with an Internet connection.

    From

    $4060 CAD

    3 day

  • Private Group Training

    Private Group Training

    Train your entire team in a private, coordinated professional development session at the location of your choice.

    Receive private training for teams online and in-person.

Request a date or location for this course.

What You'll Learn

  • Understand rule structure, rule syntax, rule options, and their usage
  • Configure and create Snort rules
  • Understand the rule optimization process to create efficient rules
  • Understand preprocessors and how data is presented to the rule engine
  • Create and implement functional regular expressions in Snort rules
  • Design and apply rules using byte_jump/test/extract rule options
  • Understand the concepts behind protocol modeling to write rules that perform better

Who Needs To Attend

  • Security administrators
  • Security consultants
  • Network administrators
  • System engineers
  • Technical support personnel
  • Channel partners and resellers

Course Outline

Download Course Outline