Penetration Testing and Exploitation
Duration: 5 DaysCommercial: $3,783Government: $2,833

Courses - Snort Fundamentals

Snort Fundamentals is a concentrated three-day tour of the Snort intrusion detection and prevention system (IDS/IPS) with a focus towards hands-on exercises, providing students with the knowledge needed to install, configure and maintain a network of Snort sensors. Students are expected to understand the concepts of computer networking to the level of the AoE® LAN/ WAN Fundamentals course.

The Snort Fundamentals course begins with a brief review of common network protocols, continuing into discussions and exercises centered on installing and configuring Snort. Finally, students will learn the methodology and best practices as they write and test new Snort rules. Hands-on labs span a variety of tools including tcpdump, Wireshark, Snort, Barnyard2, and Snorby.

Students will perform in-depth network analysis, install Snort, extend Snort functionality with the use of Barnyard2 and Snorby, modify existing rules, write new rules, and analyze rule performance. A capstone exercise provides a real-world scenario in which students are expected to analyze network traffic in realtime as multiple attacks take place.

Snort is a registered trademark of Sourcefire, Inc.


Students should have general computer knowledge and have completed AoE® LAN/WAN Fundamentals or have equivalent experience.


  1. Course Introduction
  2. Intrusion Detection / Prevention Systems
  3. Overview of Network Protocols
  4. Ethernet
  5. Internet Protocol (IP)
  6. User Datagram Protocol (UDP)
  7. Transmission Control Protocol (TCP)
  8. Snort Rules
Snort Fundamentals Datasheet

©2016, Comtech Telecommunications Corp. All Rights Reserved.