Snort Installation, Config, and Rule Creation on Kali Linux 2.0
Please check out my Udemy courses! Coupon code applied to the following links....
https://www.udemy.com/hands-on-penetration-testing-labs-30/?couponCode=NINE99
https://www.udemy.com/hands-on-penetration-testing-labs-20/?couponCode=NINE99
https://www.udemy.com/kali-linux-web-app-pentesting-labs/?couponCode=NINE99
https://www.udemy.com/kali-linux-hands-on-penetration-testing-labs/?couponCode=NINE99
https://www.udemy.com/network-security-analysis-using-wireshark-snort-and-so/?couponCode=NINE99
https://www.udemy.com/snort-intrusion-detection-rule-writing-and-pcap-analysis/?couponCode=NINE99
Description:
This video covers how to install Snort, edit the configuration file, create custom Snort rules, and analyze a PCAP with malicious Neutrino exploit kit activity. The following are the commands I used during the video:
apt-get install snort (this command installs Snort. If you are not root, type sudo apt-get install snort)
ifconfig (this shows the configuration of your local network interface)
touch /etc/snort/rules/custom.rules (this creates a rule file)
vi /etc/snort/snort.conf (this opens the Snort configuration file in Vi text editor)
mkdir log (this creates a directory named log)
snort -l ./log -b -c /etc/snort/snort.conf (this runs Snort in NIDS mode)
alert tcp any any -> any any (msg:"Possible Neutrino Exploit kit infection."; content:"vclphjybj.ioxbpjgtqvwqfzmwhn.ga"; classtype:trojan-activity; sid:999995; rev:1;) (Snort rule in video. Pointy brackets aren't allowed in the YouTube description, which is why the direction operator -> was spelled out there.)
snort -l ./log -b -c /etc/snort/snort.conf -r (pcap name) (this reads a PCAP and compares it against Snort rules)
Video "Snort Installation, Config, and Rule Creation on Kali Linux 2.0" from the channel Jesse K
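Added example, not from the video or its author: a simplified Python model of the rule's `content` option, run over constructed payloads, to show which traffic the rule above alerts on. The payloads, the function names and the `nocase` variant are assumptions for illustration; Snort's real matcher also handles `|hex|` bytes, offsets and preprocessors, which this model omits.

```python
import re
from itertools import takewhile

DOMAIN = "vclphjybj.ioxbpjgtqvwqfzmwhn.ga"
# Rule from the description with -> and straight quotes restored.
RULE = ('alert tcp any any -> any any (msg:"Possible Neutrino Exploit kit '
        'infection."; content:"' + DOMAIN + '"; classtype:trojan-activity; '
        'sid:999995; rev:1;)')
# Assumed variant (not in the video): nocase added after the content option.
RULE_NOCASE = RULE.replace('"; classtype', '"; nocase; classtype')
OPTION = re.compile(r'\s*([a-z_]+)\s*(?::\s*("(?:[^"\\]|\\.)*"|[^;]*))?\s*;')

def parse_options(rule):
    """Return the rule's options as (keyword, value) pairs, quotes removed."""
    body = rule[rule.index("(") + 1:rule.rindex(")")]
    return [(m.group(1), (m.group(2) or "").strip('"'))
            for m in OPTION.finditer(body)]

def content_matches(rule, payload):
    """Simplified content check: plain-text patterns, optional nocase."""
    opts = parse_options(rule)
    for i, (key, value) in enumerate(opts):
        if key != "content":
            continue
        # Modifiers are the options that follow, up to the next content.
        rest = takewhile(lambda o: o[0] != "content", opts[i + 1:])
        needle, haystack = value.encode(), payload
        if "nocase" in [k for k, _ in rest]:
            needle, haystack = needle.lower(), haystack.lower()
        if needle not in haystack:
            return False
    return True

def dns_qname(name):
    """DNS wire format: each label is prefixed by its length, with no dots."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

# Constructed payloads (not taken from the PCAP used in the video).
SAMPLES = {
    "http_host": b"GET / HTTP/1.1\r\nHost: " + DOMAIN.encode() + b"\r\n\r\n",
    "http_host_upper": b"GET / HTTP/1.1\r\nHost: " + DOMAIN.upper().encode() + b"\r\n\r\n",
    "dns_qname": dns_qname(DOMAIN),
}

def evaluate(rule):
    """Map each sample name to whether the rule's content would match it."""
    return {name: content_matches(rule, data) for name, data in SAMPLES.items()}

if __name__ == "__main__":
    print(evaluate(RULE), evaluate(RULE_NOCASE))
```

The rule as written matches only the exact-case domain in a TCP payload such as an HTTP Host header; adding `nocase` covers case variations, and a DNS lookup of the same name needs a separate rule because the name is length-prefixed on the wire.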