Loading...

Snort Rule Writing

Course code: SN002

3 days

This hands courses has been structured to ensure attendees obtain details understanding and knowledge Snort rules. Over the 3 day practical courses attendees will learn to write and design their own rules to ensure they are able to respond to malicious a

Course content >

Who Should Attend?

Designed for the IT security professionals seeking additional knowledge to respond to new, unknown and unique malicious attacks or activity.

Prerequisites

None

Course Contents

 

 Dissecting Snort Rules
 
  Using Variables
 
  Understanding Rule Headers
 
  Rule Options
 
  IP Options
 
  TCP Options
 
   ICMP Options
 
   PCRE in Rule Options
   
   Metadata Options
 
   Miscellaneous Rule Options
 
   Snort Rule Writing Best Practice

 

 

Contact us for more information