The Configuring IDS and Honeypots module provides you with the instruction and server hardware to develop your hands-on skills in the defined topics. This module includes the following exercises:
- Install Snort
- Test Snort
- Configure and Re-Test Snort
Lab time: It will take approximately 1 hour to complete this lab.
The following exam objectives are covered in this lab:
- SY0-501 2.1: Install and configure network components, both hardware- and software-based, to support organizational security
- SY0-501 2.4: Given a scenario, analyze and interpret output from security technologies
- SY0-501 5.5: Summarize basic concepts of forensics
Exercise 1 - Snort Installation
Snort is a portable intrusion detection system (IDS) for Windows and Linux operating systems. This tool is capable of real-time network traffic analysis and packet logging on TCP/IP networks.
Exercise 2 - Test Snort
Snort is an open-source intrusion detection system that can monitor and log traffic in real time. With the help of signatures, it can respond to a number of threats.
Exercise 3 - Configure and Re-Test Snort
This exercise consists of modifying the configuration files and then re-testing Snort to confirm that it works.