Network Security Monitoring with Snort
- 2 courses
- 3 hours
Snort is an open-sourced intrusion detection and prevention system that allows for a high level of customization. This Linux utility is easy to deploy and can be configured to monitor your network traffic for intrusion attempts, log them, and take a specified action when an intrusion attempt is detected. It has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. It uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users.
In this path you will learn how to utilize Snort in your network environment to perform protocol analysis, content searching and matching, and detection intrusions.