That being said, I found this and wanted to share it with anyone who might be looking for info on it.
It is by no means an exhaustive tutorial; here is the table of contents:
How to use Snort: Features and capabilities
How to test Snort: Guidelines and best practices
Guidelines for writing and modifying Snort rules
Best practices for upgrading Snort
However, it is worth looking at. Always remember that the best way to learn this stuff is by doing it. Grab an old machine and set up a Snort box. Then test it. Then learn to read the logs from it and test it again.
I'll tell you what I think of it when I get there.
If anyone can suggest what basics to cover first, I'm always interested in your thoughts.