Sistemi za detekciju i prevenciju upada (IDS / IPS)

Instruktor

Instruktor ove obuke je dr Nemanja Maček.

Kome je namenjena obuka

Obuka je primarno namenjena sistem administratorima, administratorima mreže, sistem administratorima za bezbednost.

Trajanje

Obuka traje 1 radni dan od 6 školskih časova, sa početkom u dogovoreno vreme.

Potreban nivo predznanja

Za obuku je potreban napredni nivo predznanja u oblasti informacionih tehnologija.

Prethodne obuke

Preporučuje se da polaznici ove obuke su prethodno pohađali obuku:

• Osnovna obuka informacione bezbednosti „BITSEC“

Prijava

Prijavu za obuku možete pronaći na ovom linku.

Sadržaj

Teme koje će da se obrade na obuci su:

1. Fundamentals of Traffic Analysis
   • TCP/IP Concepts
   • Using Wireshark
   • Link Layer, IPv4, IPv6, and Fragmentation
   • Transport Layers TCP, UDP, and ICMP
2. Introduction to Intrusion Detection Systems
   • IDS Architectures and Components
   • Misuse and Anomaly Detection
   • Performance Metrics
   • Snort as a Rule Matching Network IDS
3. Snort Concepts and Design
   • Modes of Operation: Sniffer, Packet Logger, NIDS
   • Plug-Ins
   • Running, Installing, Configuring, and Customizing Snort
   • Writing Snort Rules
4. Host-Based IDS
   • OSSEC Open-Source HIDS/SIM
5. Machine-Learning Based IDS
   • Theory behind Supervised Learning
   • Training Network IDS Systems
   • Training Host-Based IDS Systems
   • Custom IDS from Scratch
6. IDS Evasion Techniques and Countermeasures
7. Integration with Other Security Mechanisms