Week 4 was all about digging into how Snort works, Snort rules and IT security lecturing. I had some resources prepared for this, so I started reading Snort Intrusion Detection and Prevention Toolkit by Jay Beale.
I’ve managed to understand the basics of Snort rules and to create my first rule. For IT security lecturing I’ve used some interesting IT security/networking resources that I came across. One of them is the 10 rules of information security.
On Snorby custom PDF generating, there wasn’t much progress because of the lack of documentation.
Plan for next week:
- dig more into Snorby custom PDF generating; I’ll probably have to do some hardcoding, and I’ve never programmed in Ruby+Rails
- make a list of what kind of rules I would need in my system
- implement as many rules as possible
This is part of a series of blog posts that serve as my weekly log for my professional special subject project. It has documentation purposes and it is a nice way to present your work to the teachers. For further information about my work and what I’ve learned and done, follow the inbound/outbound links within these posts.