Details

This video will help you install and configure Snort 2 quickly and easily using Docker. Use the following resources mentioned in the video to help you through installation, configuration, and the labs portion of the video to familiarize yourself with Snort 2.

Snort 2 Docker and Labs

Snort Manual

Snort Documentation

Snort Community & Mailing List

Details

This video covers how to get started writing rules for the Snort 2.x open source IPS. This how-to video requires that you have a working Snort 2 installation. Watch the video on installing and configuring Snort 2 first. Learn how Snort rule syntax, structure, and operators combine to detect and alert on security events.

For a primer on RegEx, visit Regex101

Details

This video will help you install and configure Snort 3 quickly and easily. Use the following resources mentioned in the video to help you through installation, configuration, and the labs portion of the video to familiarize yourself with Snort 3.

Details

Learn how to install Snort 3 from the Talos Docker container, how to enable logging, and considerations for various operating systems. After the labs in this video you will be able to configure an easy ELK stack and view be able to view log data conveniently within your favorite browser.

Details

This video demonstrates writing rules in Snort 3. You will need the Docker container (discussed in the Snort 3 installation video) and a running instance of Snort 3. You will learn the construction, syntax, and execution of Snort rules, look at malicious traffic samples, and look at some helpful tools for using and maintaining Snort.

There are 4 labs in this video covering basic to advanced rule usage and techniques.

Snort 3 Docker Container

Details

In Cisco Talos' latest roundtable, we gathered folks from every corner of Snort to discuss Snort 3. We cover the software's lifecycle, its origins and make a pitch for why you should upgrade today.