Would you like to detect potential threats to your network? Snort is an open source network intrusion detection system and intrusion prevention system that includes the ability to write custom rules. In this course, Writing Snort Rules, you’ll learn to write your own custom rules for Snort to detect specific traffic. First, you’ll explore the basic Snort rule structure. Next, you’ll discover how to leverage additional options to refine your traffic detection. Finally, you’ll learn how to further optimize your rules with new options in Snort version 3. When you’re finished with this course, you’ll have the skills and knowledge of Snort needed to write your own rules.
Course Overview

Hello. My name is Matt Glass, and welcome to my course, Writing Snort Rules. I'm an IT project manager at Leidos working overseas for the U.S. Government. In this course, we're going to expand our knowledge of Snort by writing and testing our own custom rule sets based on security goals. Some of the topics that we'll cover include basic Snort rule structure, payload to non‑payload detection, alert actions and active responses, and Snort file processing. By the end of this course, you should feel comfortable leveraging Snort's features and writing your own custom rules. Before beginning the course, you should be familiar with Snort's operation and configuration at a basic level, or you can watch the Getting Started with Snort course first. I hope you'll join me on this journey to learn more about intrusion detection with the Writing Snort Rules course, at Pluralsight.