{"id":4012,"date":"2021-12-01T10:20:00","date_gmt":"2021-12-01T09:20:00","guid":{"rendered":"https:\/\/grupoloyal.net\/curso-securing-cisco-networks-with-snort-rule-writing-best-practices\/"},"modified":"2021-12-01T10:20:00","modified_gmt":"2021-12-01T09:20:00","slug":"curso-securing-cisco-networks-with-snort-rule-writing-best-practices","status":"publish","type":"post","link":"https:\/\/grupoloyal.net\/curso-securing-cisco-networks-with-snort-rule-writing-best-practices\/","title":{"rendered":"Securing Cisco Networks with Snort Rule Writing Best Practices"},"content":{"rendered":"


Securing Cisco Networks with Snort Rule Writing Best Practices<\/h1>\n

Securing Cisco Networks with Snort Rule Writing Best Practices is a lab-intensive course that introduces students to the open source Snort community and rule-writing best practices. Users focus exclusively on the Snort rules language and rule writing. Starting from rule syntax and structure to advanced rule-option usage, you will analyze exploit packet captures and put the rule writing theories learned to work\u2014implementing rule-language features to trigger alerts on the offending network traffic. This course also provides instruction and lab exercises on how to detect certain types of attacks, such as buffer overflows, utilizing various rule-writing techniques. You will test your rule-writing skills in two challenges: a theoretical challenge that tests knowledge of rule syntax and usage, and a practical challenge in which we present an exploit for you to analyze and research so you can defend your installations against the attack. This course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully understand and implement open source rules.
\nObjectives<\/p>
\nAfter completing this course, you should be able to:<\/p>\n

Understand rule structure, rule syntax, rule options, and their usage
\nConfigure and create Snort rules
\nUnderstand the rule optimization process to create efficient rules
\nUnderstand preprocessors and how data is presented to the rule engine
\nCreate and implement functional Regular Expressions in Snort rules
\nDesign and apply rules using byte_jump\/test\/extract rule options
\nUnderstand the concepts behind protocol modeling to write rules that perform better
\n

Cybersecurity<\/strong><\/p>\n

Available in e-learning format<\/strong><\/p>\n

Available in in-person format<\/strong><\/p>\n

Available in remote format<\/strong><\/p>\n

Campus access<\/strong><\/a><\/p>\n

Subsidy available<\/strong>
\nThrough Fundae, subject to meeting the requirements.<\/p>\n

Duration<\/strong>
\n15 hours<\/p>\n

Difficulty: 50%<\/p>\n

Level attained: 80%<\/p>\n

Intended audience<\/p>\n
This course is designed for security professionals who need to know how to write rules and understand open source Snort language.<\/p>\n<\/div>\n<\/div>\n

Required knowledge<\/p>\n

Attendees should meet the following prerequisites:<\/p>\n

Technical understanding of TCP\/IP networking and network architecture – ICND1 Recommended
\nWorking knowledge of how to use and operate Cisco Sourcefire Systems or open source Snort
\nWorking knowledge of command-line text editing tools, such as the vi editor
\nBasic rule-writing experience is suggested\n<\/p><\/div>\n<\/div>\n


Syllabus<\/h2>\n

Module 1: Welcome to the Sourcefire Virtual Network<\/p>\n

Module 2: Basic Rule Syntax and Usage<\/p>\n

Module 3: Rule Optimization<\/p>\n

Module 4: Using PCRE in Rules<\/p>\n

Module 5: Using Byte_Jump\/Test\/Extract Rule Options<\/p>\n

Module 6: Protocol Modeling Concepts and Using Flowbits in Rule Writing<\/p>\n

Module 7: Case Studies in Rule Writing and Packet Analysis<\/p>\n

Module 8: Rule Performance Monitoring<\/p>\n

Module 9: Rule Writing Practical Labs, Exercises, and Challenges<\/p>\n

Labs<\/p>\n

Lab 1: Writing Custom Rules
\nLab 2: Drop Rules
\nLab 3: Replacing Content
\nLab 4: SSH Rule Scenario
\nLab 5: Optimizing Rules
\nLab 6: Using PCREtest to Test Regex Options
\nLab 7: Use PCREtest to Test Custom Regular Expressions
\nLab 8: Writing Rules That Contain PCRE
\nLab 9: Detecting SADMIND Trust with Byte_Jump and Byte_test
\nLab 10: Using the Bitwise AND Operation in Byte_Test Rule Option
\nLab 11: Detecting ZenWorks Directory Traversal Using Byte_Extract
\nLab 12: Writing a Flowbit Rule
\nLab 13: Extra Flowbits Challenge
\nLab 14: Strengthen Your Brute-Force Rule with Flowbits
\nLab 15: Research and Packet Analysis
\nLab 16: Revisiting the Kaminsky Vulnerability
\nLab 17: Configuring Rule Profiling
\nLab 18: Testing Rule Performance
\nLab 19: Configure Rule Profiling to View PCRE Performance
\nLab 20: Preventing User Access to a Restricted Site
\nLab 21: SQL Injection
\nLab 22: The SQL Attack Revisited
\n<\/p>\n","protected":false},"excerpt":{"rendered":"

15 hours<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"2880","footnotes":""},"categories":[52,9,11],"tags":[],"class_list":["post-4012","post","type-post","status-publish","format-standard","hentry","category-ciberseguridad","category-cursos","category-cursos-de-it"],"acf":[],"_links":{"self":[{"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/posts\/4012","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/comments?post=4012"}],"version-history":[{"count":0,"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/posts\/4012\/revisions"}],"wp:attachment":[{"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/media?parent=4012"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/categories?post=4012"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/grupoloyal.net\/wp-json\/wp\/v2\/tags?post=4012"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}