Feb 26, 2020

In this video from our Snort IDS Blast Course we will show you how to go about configuring Snort IDS. The course and the video are a few years old, but some things never change! The skills you learn here will be useful when you're dealing with IDS systems today. Dive in! 

In this course, we will use the Security Onion operating system. Security Onion is based on the Ubuntu Linux distribution. It contains the Snort IDS, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. We will use the Snort IDS application for the majority of this blast course.

The target learning objective for this course is to introduce the student to the Snort IDS. We will start by configuring Snort IDS to work properly. We will learn how to set up IP and port variables for ease of management, and then become acquainted with basic Snort rules. We will then move on to defining our own custom rules. Finally, we will advance our learning by crafting complex Snort rules to enhance our network IDS capabilities and streamline processing power. This course is streamlined for advanced users who wish to add to their knowledge about IDS capabilities using Snort.

What will you learn?

The student will learn different methodologies for dissecting IP packets with the Snort IDS. Doing so allows the student to implement granular control over what gains or is denied access to the internal or external network.

What skills will you gain?

The student will learn how to effectively implement an IDS solution that preserves processing power, trim log file output to only what is necessary, and set up log trap thresholds for IDS alerts.

What should you know before you join?

The student needs to understand how to work with hexadecimal format, ASCII format and binary calculations. The student also needs to be familiar with IP subnetting (both classful and classless).

What will you need:

  • Host workstation capable of handling at least three VMs simultaneously with at least 2048MB of VM memory – 1 Kali Linux, 1 Windows 7 and Security Onion for the operating systems
  • Security Onion -
  • 3 Virtual Ethernet Interfaces on the Security Onion. Eth0 in non-promiscuous mode. Eth1 and Eth2 in promiscuous mode
  • A light FTP server installed on the Windows 7 VM

Your instructor:

Ray holds a bachelor’s degree in computer information systems and a master’s degree in organizational leadership. His current certifications are CISSP, CEH, CCNA, N+ and the PMP. Ray freelances as an online IT instructor, teaching courses that include CISSP, CEH and CCNA. He has also taught for various organizations on hacking with the Metasploit framework, scripting with Python and Ruby, as well as other tools used for hacking. He occasionally provides IT security consultancy for various organizations. Ray resides in Augusta, Georgia, USA. He has over 15 years of military and civilian IT security and project management experience.


© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023