BUILDING NIDS WITH SNORT
Duration 6 Hours
Can I really trust my security framework to a single component? How can I detect signs of an intrusion into my network before damage is done? Is it good enough to know only what you want to protect?

How about awareness of the threats to your environment; do you consider that important too? And can you possibly build defenses against attacks without knowing the nature and methods of your enemy?

You really need to embark on this security project; are these questions enough, or is there more to consider?

What is an NIDS (and what is an Intrusion)?
The benefits of detecting an intrusion early enough are undeniable, but detection also comes with some real challenges.

What are they? What is the anatomy of an attack, and how can I use that knowledge to my network's advantage?

I need awareness of how systems on a network communicate, the makeup of a packet, how to interpret the logs generated by my NIDS, and how to identify a suspicious packet. What are the prerequisites?

Why Snort as a NIDS? Having Snort installed and running may not be much of an issue, but how do I tailor it to suit my environment, assess its intelligence, and more?

Being able to detect an exploit early enough with the help of Snort as your NIDS sounds great for a start, but can you have Snort do more? Say, function as an Intrusion Prevention System (IPS)? If so, how?

The promise of an IPS is very attractive, but are there some risks that are not obvious at first glance? Are those risks worth considering when planning the deployment of Snort as an IPS?

Practice Labs:
  • Examining TCP/IP; concept and hands-on in the context of Intrusion Detection
  • Sniffing packets with tcpdump
  • Working with Nmap
  • Installing Snort from source on Linux
  • Generating real-time alerts
  • Configuring MySQL for Snort
  • Generating statistical output from Snort logs
  • Logging alerts to a database
  • Detecting stateless attacks and stream reassembly
  • Detecting fragmentation attacks and fragmentation reassembly
  • Detecting HTTP evasion attacks
  • Decoding application traffic
  • Getting performance metrics
  • Managing Snort sensors with ACID
  • How to build Snort rules and tips on writing effective Snort rules
  • Testing Snort rules
  • Setting up Snort as an IPS using flexible response, SnortSam and Snort Inline
  • Patch plug-ins