Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES) – Profile
Detailed Course Outline
- Module 1: Welcome to the Sourcefire Virtual Network
- Module 2: Basic Rule Syntax and Usage
- Module 3: Rule Optimization
- Module 4: Using PCRE in Rules
- Module 5: Using Byte_Jump/Test/Extract Rule Options
- Module 6: Protocol Modeling Concepts and Using Flowbits in Rule Writing
- Module 7: Case Studies in Rule Writing and Packet Analysis
- Module 8: Rule Performance Monitoring
- Module 9: Rule Writing Practical Labs, Exercises, and Challenges
- Lab 1: Writing Custom Rules
- Lab 2: Drop Rules
- Lab 3: Replacing Content
- Lab 4: SSH Rule Scenario
- Lab 5: Optimizing Rules
- Lab 6: Using PCREtest to Test Regex Options
- Lab 7: Use PCREtest to Test Custom Regular Expressions
- Lab 8: Writing Rules That Contain PCRE
- Lab 9: Detecting SADMIND Trust with Byte_Jump and Byte_Test
- Lab 10: Using the Bitwise AND Operation in Byte_Test Rule Option
- Lab 11: Detecting ZenWorks Directory Traversal Using Byte_Extract
- Lab 12: Writing a Flowbit Rule
- Lab 13: Extra Flowbits Challenge
- Lab 14: Strengthen Your Brute-Force Rule with Flowbits
- Lab 15: Research and Packet Analysis
- Lab 16: Revisiting the Kaminsky Vulnerability
- Lab 17: Configuring Rule Profiling
- Lab 18: Testing Rule Performance
- Lab 19: Configure Rule Profiling to View PCRE Performance
- Lab 20: Preventing User Access to a Restricted Site
- Lab 21: SQL Injection
- Lab 22: The SQL Attack Revisited