Intrusion detection systems (IDS) allow you to monitor traffic and send alerts when abnormal activities have been detected. In this 14-video course, you will explore concepts of traffic analysis and IDS, including network forensic analysis, sniffing and sensors, signal and noise, and brute force analysis. To begin, you will examine approaches to network security through traffic analysis, then take a look at tools and techniques used by IDS. Learners will also explore the network forensic approach to computer networks; learn how to describe types of application controls that can be used for traffic analysis; placement and use of sniffing and IDS sensors; and examine concepts of signal and noise when it comes to network traffic analysis. You will learn how to perform IDS with Snort with a sample ruleset; configure Bro to detect common attack patterns; use Wireshark to inspect network packets; and perform nmap scans with methods to evade IDS detection. In the final tutorials, you will perform brute force analysis with nmap, and a mock denial of service (DoS) attack with nmap.
Intrusion Detection: Best Practices