LinuxCBT NIDS Edition feat. Snort, Linux Training, Computer Based Training,Certification Preparation, Linux Administrator, Learn Linux

Price: $195 for Single-Computer License - licensing details
5-Computer License: $495
Academic Pricing Schedule (Students|Education): Pricing Schedule
Additional Licenses: For pricing contact: sales@LinuxCBT.com
System Requirements: Windows NT/2000/XP/2003/Vista
Duration: 12 hours/40 Videos on 1-DVD
Available for Download:YES
MD5SUM: a74d6a24901246d273155511bde434c2
Demos: here
Certificate of Completion: YES - contact sales for details

LinuxCBT NIDS Edition feat. Snort encompasses: 1. Network Intrusion Detection System (NIDS) Security.

LinuxCBT NIDS Edition feat. Snort is unparalleled in content, depth and expertise. It entails 12-hours, or over 1-day of classroom training. LinuxCBT NIDS Edition feat. Snort prepares you or your organization for successfully securing GNU/Linux & Open Source-based solutions. As a by-product, many of the covered concepts, utilities and tricks are applicable to heterogeneous computing environments, ensuring your coverage of the fundamentals of securing corporate infrastructures.

Let LinuxCBT NIDS Edition feat. Snort cost-effectively sharpen your GNU/Linux & Open Source Security skills!

Recommended Prerequisites for:

Any LinuxCBT Operating System Course (Classic/EL-4/SUSE/Debian Editions)
- Open mind & determination to master Linux and related open-source applications
- Basic understanding of networking concepts
- Access to a PC to follow the exercises

Network Intrusion Detection System (NIDS) Security - Module 1

Snort NIDS - Installation
- Peruse the LinuxCBT Security Edition classroom network topology
- Download Snort
- Import G/PGP public key and verify package integrity
- Identify & download key Snort dependencies
- Install current libpcap - Packet Capture Library
- Establish security configuration baseline
Snort NIDS - Sniffer Mode
- Discuss sniffer mode concepts & applications
- Sniff IP packet headers - layer-3/4
- Sniff data-link headers - layer-2
- Sniff application payload - layer-7
- Sniff application/ip packet headers/data-link headers - all layers except physical
- Examine packets & packet loss
- Sniff traffic traversing interesting interfaces
- Sniff clear-text traffic
- Sniff encrypted streams
Snort NIDS - Logging Mode
- Discuss logging mode concepts & applications
- Log traffic using default PCAP/TCPDump format
- Log traffic using ASCII mode & examine output
- Discuss directory structure created by ASCII logging mode
- Control verbosity of ASCII logging mode & examine output
- Enhance packet logging analysis by defaulting to binary logging
- Discuss default nomenclature for binary/TCPDump files
- Alter binary output options
- Use Snort NIDS to read binary/TCPDump files
Snort NIDS - Berkeley Packet Filters (BPFs)
- Explain the advantages to utilizing BPFs
- Discuss BPF directional, type, and protocol qualifiers
- Identify clear-text based network applications and define appropriate BPFs
- Execute Snort NIDS in sniffer mode with BPFs enabled to match interesting traffic
- Log to the active pseudo-terminal console and examine the packet flows
- Combine BPF qualifiers to increase packet-matching capabilities
- Use logical operators to define more flexible BPFs
- Read binary TCPDump files using Snort & BPFs
- Execute Snort NIDS in logging/daemon mode
Snort NIDS - Cisco Switch Configuration
- Examine the current network configuration
- Identify Snort NIDS sensors and centralized DBMS Server
- Create multiple VLANs on the Cisco Switch
- Secure the Cisco Switch configuration
- Isolate internal and external hosts, sensors and DBMS systems
- Configure SPAN - Port Mirroring for internal and external Snort NIDS Sensors
- Examine internal and external packet flows
Snort NIDS - Network Intrusion Detection System (NIDS) Mode
- Discuss NIDS concepts & applications
- Prepare /etc/snort - configuration directory for NIDS operation
- Explore the snort.conf NIDS configuration file
- Discuss all snort.conf sections
- Download & install community rules
- Execute Snort in NIDS mode with TCPDump compliant output plugin
- Download & install Snort Vulnerability Research Team (VRT) rules
- Compare & contrast community rules to VRT rules
Snort NIDS - Output Plugin - Barnyard Configuration
- Discuss features & benefits
- Configure Syslog based logging and examine results
- Configure Snort to log sequentially to multiple output locations
- Implement unified binary output logging to enhance performance
- Discuss concepts & features associated with post-processing Snort logs
- Download and install current barnyard post-processor
- Use barnyard to post-process logs to multiple output destinations
Snort NIDS - BASE - MySQL® Implementation
- Discuss benefits of centralized console reporting for 1 or more Snort sensors
- Re-compile Snort on both sensors to support MySQL logging
- Configure MySQL on Database Management System (DBMS) Host
- Implement Snort database schema on DBMS Host
- Configure Snort to log output to MySQL DBMS Host
- Confirm output logging to the MySQL DBMS Host
- Prepare DBMS Host for BASE console installation
- Install BASE and complete schema extension
- Peruse BASE interface
Snort NIDS - Rules Configuration & Updates
- Discuss the concept of rules as related to Snort NIDS
- Examine Snort rule syntax
- Peruse pre-defined Snort rules
- Download & configure oinkmaster to automatically update Snort rules
- Confirm oinkmaster operation
top

Copyright © LinuxGenius, LLC. 2003-2008 - All Rights Reserved - Privacy | Site Map
Linux is a registered trademark of Linus Torvalds.
All brands, products or company names are trademarks or registered trademarks of their respective companies.

LinuxCBT feat. KornShell Edition - Released...(more)

Accenture
Actel
AccuWeather
AIG
Alcatel
Alliant Energy
Ameritrade
Avocent
AutoDesk
Bechtel Corp.
Bentley College
Boston Pub Health
Burlington Coat
Cadence
CalState PolyTech
CALTECH
Canada Space Agency
City of Orlando
Cisco Systems
Continental Airlines
CNET
Daimler Chrysler
Dublin AA
DisplayTech
Dept. of Labor
DELL
DISA
DORMAN
Duke Energy
EMC
ENTRUST
FBI.GOV
Filtration Group
FH Cancer Research
Fuji Film Canada
Georgia Lottery
Good Year
GrayBar Electric
Hewlett Packard
Ingersoll Rand
Iowa State U.
iPAY
JP Morgan Chase
Kramer Levin LLP
Louisville Tech
Maui HPCC
Maxtor Corporation
MBG
McGill University
Methodist University
Mt. Sinai Medical
Namasco
NASA.GOV - JPL
NAVY
NICHIA Corp
NIH.GOV
NOAA.GOV
NOKIA
Ontario Power Gen.
PABC Bank
Park Nicollet
Partners Healthcare
PA State Senate
Phelps Dodge
Piper Jaffray
REUTERS
ROGERS
SAIC
SafeNet, Inc.
Sanofi-Aventis
Sarah Lawrence
Seton Hall U.
SGI
Simon & Schuster
SLCC.EDU
Smiths Aerospace
Stafford Pub Schools
Symantec
TD Waterhouse
TeliaSonera
Texas Instruments
UC Irvine
UC San Francisco
UC Santa Cruz
U. of Afghanistan
Univ. of Alaska
Univ. of Colorado
University of Iowa
Univ. of Louisville
Univ. of New Haven
UMass School of Med.
Unilever
Unisys
US Courts
Veritas
VMWare
WebTrends
Weidlinger Associates
Woods Hole
XEROX

· EL-5 Edition
· IPv6 Edition
· Debian4x Edition
· SUSE10 Edition
· UnixCBT Edition
· DBMS Edition
· Security Edition
· Basic Security
· Proxy Security
· Firewall Security
· SELinux Security
· NIDS Security
· Packet Analysis
· PAM Security
· OpenSSHv2 Security
· OpenPGP Security
· Samba Edition
· EL-4 Edition
· Mail Edition
· Sendmail Edition
· Postfix Edition
· qmail Edition
· SUSE9 Edition
· Classic Edition
· Debian3x Edition
· Scripting Edition
· BASH Edition
· Perl Edition
· Python Edition
· PHP Edition
· RegEx Edition
· Awk & Sed Edition
· KornShell Edition
· Suite Edition
· Demo Edition
· Pricing & Licensing
· Purchase Orders
· FAQ
· Testimonials
· About us
· Demos
· Contact us
· Clients
· Tell a friend