  • Author: downeb
  • Date: 28-01-2013, 02:22

Linux CBT - NIDS Focus Snort Network Intrusion Detection System Training

Category: Tutorial

Linux CBT - NIDS Focus: Snort Network Intrusion Detection System
Released: 1.2013 | Genre: Tutorial | Size: 631 MB

Network Intrusion Detection System (NIDS) Security - Module V

Snort NIDS - Installation
• Peruse the LinuxCBT Security Edition classroom network topology
• Download Snort
• Import G/PGP public key and verify package integrity
• Identify & key Snort dependencies
• Install current libpcap - Packet Capture Library
• Establish security configuration baseline

Snort NIDS - Sniffer Mode
• Discuss sniffer mode concepts & applications
• Sniff IP packet headers - layer-3/4
• Sniff data-link headers - layer-2
• Sniff application payload - layer-7
• Sniff application/ip packet headers/data-link headers - all layers except physical
• Examine packets & packet loss
• Sniff traffic traversing interesting interfaces
• Sniff clear-text traffic
• Sniff encrypted streams

Snort NIDS - Logging Mode
• Discuss logging mode concepts & applications
• Log traffic using default PCAP/TCPDump format
• Log traffic using ASCII mode & examine output
• Discuss directory structure created by ASCII logging mode
• Control verbosity of ASCII logging mode & examine output
• Enhance packet logging analysis by defaulting to binary logging
• Discuss default nomenclature for binary/TCPDump files
• Alter binary output options
• Use Snort NIDS to read binary/TCPDump files

Snort NIDS - Berkeley Packet Filters (BPFs)
• Explain the advantages to utilizing BPFs
• Discuss BPF directional, type, and protocol qualifiers
• Identify clear-text based network applications and define appropriate BPFs
• Execute Snort NIDS in sniffer mode with BPFs enabled to match interesting traffic
• Log to the active pseudo-terminal console and examine the packet flows
• Combine BPF qualifiers to increase packet-matching capabilities
• Use logical operators to define more flexible BPFs
• Read binary TCPDump files using Snort & BPFs
• Execute Snort NIDS in logging/daemon mode

Snort NIDS - Cisco Switch Configuration
• Examine the current network configuration
• Identify Snort NIDS sensors and centralized DBMS Server
• Create multiple VLANs on the Cisco Switch
• Secure the Cisco Switch configuration
• Isolate internal and external hosts, sensors and DBMS systems
• Configure SPAN - Port Mirroring for internal and external Snort NIDS Sensors
• Examine internal and external packet flows

Snort NIDS - Network Intrusion Detection System (NIDS) Mode
• Discuss NIDS concepts & applications
• Prepare /etc/snort - configuration directory for NIDS operation
• Explore the snort.conf NIDS configuration file
• Discuss all snort.conf sections
• Download & install community rules
• Execute Snort in NIDS mode with TCPDump compliant output plugin
• Download & install Snort Vulnerability Research Team (VRT) rules
• Compare & contrast community rules to VRT rules

Snort NIDS - Output Plugin - Barnyard Configuration
• Discuss features & benefits
• Configure Syslog based logging and examine results
• Configure Snort to log sequentially to multiple output locations
• Implement unified binary output logging to enhance performance
• Discuss concepts & features associated with post-processing Snort logs
• Download and install current barnyard post-processor
• Use barnyard to post-process logs to multiple output destinations

Snort NIDS - BASE - MySQL® Implementation
• Discuss benefits of centralized console reporting for 1 or more Snort sensors
• Re-compile Snort on both sensors to support MySQL logging
• Configure MySQL on Database Management System (DBMS) Host
• Implement Snort database schema on DBMS Host
• Configure Snort to log output to MySQL DBMS Host
• Confirm output logging to the MySQL DBMS Host
• Prepare DBMS Host for BASE console installation
• Install BASE and complete schema extension
• Peruse BASE interface

Snort® NIDS - Rules Configuration & Updates
• Discuss the concept of rules as related to Snort NIDS
• Examine Snort rule syntax
• Peruse pre-defined Snort rules
• Download & configure oinkmaster to automatically update Snort rules
• Confirm oinkmaster operation
