
Snort User Webcast Series

You can access the complete archived Snort User webcast series by submitting the form below the descriptions.

June 12, 2009 | Installing Snort 2.8.4 on Fedora Core 10
In this edition of the Snort Users Webinar Series, Nick Moore, a Security Engineer with Sourcefire, will discuss installing Snort 2.8.4 on Fedora Core 10. Nick’s presentation will cover a basic Snort/BASE installation on a VMware install of FC 10 with:

  • MySQL 5.0.77
  • Libnet 1.0.2a
  • Libpcap 1.0.0
  • BASE 1.4.2
  • Apache 2.2.11

April 22, 2009 | What's New in Snort 2.8.4
In this webinar, Steve Kane, Snort product manager, and Steve Sturges, Snort development team manager, discuss what’s new in Snort 2.8.4. Snort 2.8.4 introduced a number of new features to improve the detection capabilities and performance of Snort. The release features:

  • New DCE/RPC preprocessor
  • Improved support for IPv6
  • New support for target-based functionality
  • The ability to prefilter traffic to improve performance

February 23, 2009 | Effective Problem Reporting: How to Get Your Problems Noticed and Fixed
In this session of the Snort-Users webinar series, Alex Kirk of the Sourcefire VRT discusses how to prepare a Snort rules-related bug report that will enable the VRT to help you solve the problem at hand. Discussion will include:

  • Common pitfalls in false positive/negative reporting
  • Steps that you should take prior to submitting a bug report for a rule
  • A checklist you should use when you're ready to submit your bug report

November 12, 2008 | Using the Host Attribute Table in Snort
This session features Ed Mendez, Director of Courseware Development for the Sourcefire Education Team. Ed will discuss using Snort's Host Attribute Table. The session will include an overview of what you can do with it and why you might find it useful. It will also discuss how to build the attribute table file and describe the XML structures it uses. Additionally, this session will describe how you can write rules that take advantage of this feature to provide more robust detection capabilities.

September 17, 2008 | Writing Effective Rules, Part II
In this session, Matt Olney of the Sourcefire Vulnerability Research Team (VRT) will present Performance Rules Creation: Rules Options and Techniques. Matt will look at several different rule options by examining their use in published VRT rules:

  • Detecting buffer overflows with content checks, isdataat, and PCRE
  • Detecting attacks against the Kaminsky DNS bug with byte_test
  • Parsing variable sized protocols and using byte_test for buffer overflow detection
  • Fun with the content and replace keywords

August 20, 2008 | Common Mistakes with Snort and How to Fix Them
In this session, Joel Esler, a Sourcefire security consultant and frequent contributor to the Snort community, discusses some of the most common mistakes made when configuring and using Snort and how to fix them. Topics covered in this session will include:
Snort.conf file | Variables | Preprocessors | Rules | Barnyard and SnortUnified

June 4, 2008 | Writing Effective Rules, Part I
In this latest Snort Users Webinar, Matt Olney of the Sourcefire VRT discusses the VRT's methodology for writing effective Snort Rules and what you need to know about Snort to take on rule writing. The one-hour session covers:
Detection theory | Snort’s architecture | Rule options available in Snort

February 27, 2008 | Intro to Snort
One-hour webcast with Ed Mendez, Director of Instructional Design and Development, covering the basic steps necessary to install, configure and use Snort. The session covers:
Planning a deployment | Preparing for the install | Software requirements | Installing Snort | Basic Snort operation | Tuning strategies
