Snort Intrusion Detection Rule Writing and PCAP Analysis
What you’ll learn
Write Snort Rules
Analyze PCAPS using Wireshark and Tcpdump
Create Virtual Machines using VirtualBox
Configure Security Onion
Test Snort rules using automated scripts
Analyze Snort NIDS alerts using Squert
Configure Kali Linux
Test exploits and analyze resulting network traffic
Requirements
Basic networking knowledge
Basic Linux command line interface knowledge
Basic knowledge about operating systems and virtualization.
Description
Hello everybody. My name is Jesse Kurrus, and I’ll be your professor for the duration of the Snort Intrusion Detection, Rule Writing, and PCAP Analysis course. This course will consist of written material to go over on your own pace, and labs to reinforce the concepts from the provided resources. To follow along with these labs, you’ll need a VirtualBox, Security Onion, Kali Linux, and Windows 7 VMs. These are all free and open source, including the Windows 7 VM which is available free for development purposes.
This course is 100% hands-on, save for the initial introduction. Please be prepared to follow along with these labs.
The following are the hands-on labs. Please refer to the course for full descriptions:
Lab 1: Setting up Security Onion with VirtualBoxLab 2: Boleto Malware Snort Rule Writing and PCAP AnalysisLab 3: Vetting Snort Rule Quality with DumbpigLab 4: Utilizing Offset and Depth in a Snort RuleLab 5: Kali Linux Setup with VirtualBoxLab 6: Snort Rule Writing (SSH and FTP)Lab 7: Windows 7 Eternalblue Vulnerable VM VirtualBox SetupLab 8: Windows 7 Eternalblue Exploitation and Snort/PCAP AnalysisLab 9: Eternalblue PCAP Analysis and Snort Rule WritingLab 10: Ubuntu Server 12.04 Vulnerable VM VirtualBox SetupLab 11: Ubuntu Server 12.04 Heartbleed Exploitation and Snort/PCAP AnalysisLab 12: Heartbleed PCAP Analysis and Snort Rule Writing
Overview
Section 1: Lectures
Lecture 1 Course Introduction and Overview
Section 2: Hands-on Labs
Lecture 2 Lab 1: Setting up Security Onion with VirtualBox
Lecture 3 Lab 2: Boleto Malware Snort Rule Writing and PCAP Analysis
Lecture 4 Lab 3: Vetting Snort Rule Quality With Dumbpig
Lecture 5 Lab 4: Utilizing Offset and Depth in a Snort Rule
Lecture 6 Lab 5: Snort Rule Writing (SSH and FTP)
Lecture 7 Bonus Lab – Kali Linux 2020
Lecture 8 Lab 6: Kali Linux Setup with VirtualBox
Lecture 9 Lab 7: Windows 7 Eternalblue Vulnerable VM VirtualBox Setup
Lecture 10 Lab 8: Windows 7 Eternalblue Exploitation and Snort/PCAP Analysis
Lecture 11 Lab 9: Eternalblue PCAP Analysis and Snort Rule Writing
Lecture 12 Lab 10: Ubuntu Server 12.04 Vulnerable VM VirtualBox Setup
Lecture 13 Lab 11: Ubuntu Server 12.04 Heartbleed Exploitation and Snort/PCAP Analysis
Lecture 14 Lab 12: Heartbleed PCAP Analysis and Snort Rule Writing
Cybersecurity Professionals,Information Security Analysts,Network Security Analysts,SOC Analysts,Cybersecurity Students
Course Information:
Udemy | English | 2h 20m | 1.32 GB
Created by: Jesse K, M.S., OSCP, CEH, Security+, Linux+, Network+, CISSP
You Can See More Courses in the IT & Software >> Greetings from CourseDown.com