SNORT and NESSUS: Hands-on
Key Information
Prerequisites:
Familiarity with the operation of basic IP networks is assumed, and familiarity with basic administrative operations on UNIX/Linux is useful
Outline and Objectives:
Businesses of all sizes are adopting the Snort Intrusion Detection System (IDS) and the Nessus Vulnerability Scanner as key elements in their network and systems security implementations. This course takes attendees through all stages of installing, configuring, testing and operating both of these powerful packages, using a sophisticated classroom network.
Who Should Attend:
This course is aimed at product managers, cross-training engineers, operations staff, and anyone who needs to understand the principles and practices of vulnerability scanning and IDS/IPS. The course involves extensive hands-on exercises for attendees throughout its two day duration.
Course Contents:
- Techniques Used by Attackers
- Vulnerabilities and Testing Tools
- Nessus Installation Options and nessus.conf
- Basic and Tailored Scans
- Nessus Report Interpretation
- Nessus Plug-In Operation and Nessus Attack Scripting Language (NASL)
- Nessus Scanning With Domain/Login Credentials
- Snort Installation and snort.conf
- Deployment Options and Access
- Intrusion Prevention Using Snort
- Tuning Detection Thresholds and Suppression
- The Basic Analysis and Security Engine (BASE)
- Building Distributed Systems Using SnortCentre and Barnyard
- An Integrated Vulnerability Scanning and IDS/IPS Approach
