Course info
Level: Intermediate
Updated: Sep 10, 2020
Duration: 1h 24m
Description

Would you like to detect potential threats to your network? Snort is an open source network intrusion detection system and intrusion prevention system that includes the ability to write custom rules. In this course, Writing Snort Rules, you’ll learn to write your own custom rules for Snort to detect specific traffic. First, you’ll explore the basic Snort rule structure. Next, you’ll discover how to leverage additional options to refine your traffic detection. Finally, you’ll learn how to further optimize your rules with new options in Snort version 3. When you’re finished with this course, you’ll have the skills and knowledge of Snort needed to write your own rules.

About the author

Matt Glass is an IT Project Manager in Stuttgart, Germany, working as a government contractor. He has more than 12 years of IT experience in a variety of roles.

Section Introduction Transcripts

Course Overview
Hello. My name is Matt Glass, and welcome to my course, Writing Snort Rules. I'm an IT project manager at Leidos working overseas for the U.S. Government. In this course, we're going to expand our knowledge of Snort by writing and testing our own custom rule sets based on security goals. Some of the topics that we'll cover include basic Snort rule structure, payload to non‑payload detection, alert actions and active responses, and Snort file processing. By the end of this course, you should feel comfortable leveraging Snort's features and writing your own custom rules. Before beginning the course, you should be familiar with Snort's operation and configuration at a basic level, or you can watch the Getting Started with Snort course first. I hope you'll join me on this journey to learn more about intrusion detection with the Writing Snort Rules course, at Pluralsight.