Hands-On Snort Testing and Rule Creation for Infrastructure Security

Dive into the world of Snort, a powerful intrusion detection system, through a practical course project in infrastructure security. This project, part of SEC290 Fundamentals of Infrastructure Security, focuses on testing Snort rules by capturing XMAS and TCP packets, as well as creating rules to detect ping and ICMP activity. Explore real-world scenarios and enhance your security skills through hands-on experience with Snort.

• Snort
• Infrastructure Security
• Rule Creation
• Hands-On
• Intrusion Detection

petrovich_k Follow

Uploaded on Sep 23, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. Course Project SEC290 Fundamentals of Infrastructure Security Module 2 Snort

2. Rubric Activity Requirement(s) Points Testing Snort rules Take two screenshots 30 Creating Snort rules Take two screenshots 30

3. Testing Snort rules Take a screenshot of the output in Part 1 Step 8. It should show the transcript of the XMAS scan alert.

4. Testing Snort rules cont d Take a screenshot of the output in Part 1 Step 10. It should show the TCP packets generated by the XMAS scan.

5. Creating Snort rules Take a screenshot of the output in Part 2 Step 5. It should show the ping activity alert.

6. Creating Snort rules cont d Take a screenshot of the output in Part 2 Step 6. It should show the ICMP packets generated by the ping activity.