Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES) – Perfil

Esquema Detallado del Curso

  • Module 1: Welcome to the Sourcefire Virtual Network
  • Module 2: Basic Rule Syntax and Usage
  • Module 3: Rule Optimization
  • Module 4: Using PCRE in Rules
  • Module 5: Using Byte_Jump/Test/Extract Rule Options
  • Module 6: Protocol Modeling Concepts and Using Flowbits in Rule Writing
  • Module 7: Case Sudies in Rule Writing and Packet Analysis
  • Module 8: Rule Performance Monitoring
  • Module 9: Rule Writing Practiceal Labs, Exercises, and Challenges
  • Lab 1: Writing Custom Rules
  • Lab 2: Drop Rules
  • Lab 3: Replacing Content
  • Lab 4: SSH Rule Scenerio
  • Lab 5: Optimizing Rules
  • Lab 6: Using PCRE test to Test Regex Options
  • Lab 7:Use PCREtest to Test Custom Regular Expressions
  • Lab 8: Writing Rules That Contain PCRE
  • Lab 9: Detecting SADMIND Trust with Byte_Jump and Byte_test
  • Lab 10: Using the Bitwise AND Operation in Byte_Test Rule Option
  • Lab 11: Detecting ZenWorks Directory Traversal Using Byte_Extract
  • Lab 12: Writing a Flowbit Rule
  • Lab 13: Extra Flowbits Challenge
  • Lab 14: Strengthen Your Brute-Force Rule with Flowbits
  • Lab 15: Research and Packet Analysis
  • Lab 16: Revisiting the Kaminsky Vulnerability
  • Lab 17: Configuring Rule Profiling
  • Lab 18: Testing Rule Performance
  • Lab 19: Configure Rule Profiling to View PCRE Performance
  • Lab 20: Preventing User Access to a Restricted Site
  • Lab 21: SQL Injection
  • Lab 22: The SQL Attack Revisited