From the course: Protecting Your Network with Open Source Software
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Snort as an IDS: Detecting pings
From the course: Protecting Your Network with Open Source Software
Snort as an IDS: Detecting pings
- We just introduced a new Snort rule to detect ping packets, and it's time to check if it actually works. Let's start by running Snort in its IDS mode. Type sudo space snort space - C, which indicates the location of the Snort configuration file. We'll be using the default Snort configuration file, which is located at /etc/snort/snort .com. The next option is - A console. Type dash, capital a, space, console, which indicates that we'll be displaying the Snort alert on our terminal window. The next option to specify is - L space /var/log/snort, which tells where the Snort log messages are going to be stored. And finally, we have to say which network interface card Snort is going to be listening to by typing / -i space eth0. We'll be listening to the external network interface card of this Ubuntu router host, which has the IP of 10.0.0.6. Let's start Snort by…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
-
-
(Locked)
What is an IDS?3m 21s
-
(Locked)
Introducing Snort3m
-
(Locked)
Snort as a packet sniffer4m 19s
-
(Locked)
Snort as an IDS: Establishing rules5m 1s
-
(Locked)
Snort as an IDS: Detecting pings2m 10s
-
(Locked)
What is a network vulnerability assessment?3m 22s
-
(Locked)
Nessus2m 37s
-
(Locked)
Network scanning with Nessus2m 30s
-
(Locked)
-
-