Snort Signatures, IDS Tuning, and Blocking
Security analysts often need to update an existing IDS/IPS (Intrusion Detection/Prevention System) to handle new threats. This lab simulates creating a reject rule and a drop rule for a specific traffic type, and alerting the Snorby SIEM when those rules are hit.
Time: 45 minutes
Difficulty: Intermediate
