Snort Signatures, IDS Tuning, and Blocking

CYBRScore

Security analysts often need to update an existing IDS/IPS (Intrusion Detection/Prevention System) to handle new threats. This lab simulates creating reject and drop rules for a specific traffic type and alerting the Snorby SIEM when they are hit.

Time: 45 minutes
Difficulty: Intermediate
