Description
Course info
Level
Intermediate
Updated
Sep 10, 2020
Duration
1h 24m
Description

Would you like to detect potential threats to your network? Snort is an open source network intrusion detection system and intrusion prevention system that includes the ability to write custom rules. In this course, Writing Snort Rules, you’ll learn to write your own custom rules for Snort to detect specific traffic. First, you’ll explore the basic Snort rule structure. Next, you’ll discover how to leverage additional options to refine your traffic detection. Finally, you’ll learn how to further optimize your rules with new options in Snort version 3. When you’re finished with this course, you’ll have the skills and knowledge of Snort needed to write your own rules.

About the author
About the author

Matt Glass is an IT Project Manager in Stuttgart, Germany, working as a government contractor. He has more than 12 years of IT experience in a variety of roles.

More from the author
Suricata: Getting Started
Intermediate
1h 12m
Dec 14, 2020
Lateral Movement with WMIOps
Intermediate
24m
Sep 25, 2020
More courses by Matt Glass
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello. My name is Matt Glass, and welcome to my course, Writing Snort Rules. I'm an IT project manager at Leidos working overseas for the U. S. Government. In this course, we're going to expand our knowledge of Snort by writing and testing our own custom rule sets based on security goals. Some of the topics that we'll cover include basic Snort rule structure, payload to non‑payload detection, alert actions and active responses, and Snort file processing. By the end of this course, you should feel comfortable leveraging Snort's features and writing your own custom rules. Before beginning the course, you should be familiar with Snort's operation and configuration at a basic level, or you can watch the Getting Started with Snort course first. I hope you'll join me on this journey to learn more about intrusion detection with the Writing Snort Rules course, at Pluralsight.