Linux: Snort
Revision as of 20:41, 19 April 2015
471 bytes added
,
20:41, 19 April 2015
no edit summary
Line 3:
Line 3:
https://www.youtube.com/watch?v=cQeeko9J_Yw
https://www.youtube.com/watch?v=cQeeko9J_Yw
=== Instalation ===
=== Instalation ===
+
https://www.youtube.com/watch?v=ptIzGv1b9GQ<br />
+
#.- sudo apt-get install snort
#.- sudo apt-get install snort
#.- sudo dpkg-reconfigure snort
#.- sudo dpkg-reconfigure snort
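Review bot: the line added under the "Instalation" heading is a bare YouTube URL with no label, so a reader cannot tell what the video covers or whether it matches the apt-get steps that follow it. Suggest adding a short description next to the link (what is installed, and on which distribution). Since this edit touches the section anyway, the heading spelling "Instalation" could be corrected to "Installation" in the same revision.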
Line 19:
Line 21:
#.- sudo su
#.- sudo su
#.- snort -v
#.- snort -v
−
===
Auto
snort ===
+
===
Modes ===
−
https://
github
.com/
da667/Autosnort
+
* Packet sniffer (snort -dev)
+
* Log Mode (snort -de -l <log_dir> | to view log use: tcpdump -r <log_file>)
+
* Intrusion detection sniffer (snort -c /etc/snort/snort.conf)
+
=== Intrusion detection mode ===
+
==== Config file ====
+
/etc/snort/snort.conf<br />
+
snort -A full -d -c /etc/snort/snotr.conf -l <log_dir><br />
+
/etc/
snort
/reference.config --> display additional information on alerts.<br />
+
==== Snort rules =
===
+
https://
www.youtube
.com/
watch?v=RUmYojxy3Xw
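Review bot: the command added under "Config file" passes "-c /etc/snort/snotr.conf", but the path given on the line above it and in the "Intrusion detection sniffer" bullet is /etc/snort/snort.conf, so anyone copying the command will point Snort at a file that is not the one the page documents. Suggest correcting it to "snort -A full -d -c /etc/snort/snort.conf -l <log_dir>". In the "Log Mode" bullet, the "|" between the snort command and "to view log use: tcpdump -r <log_file>" reads like a shell pipe; splitting it into two separate commands would avoid that. The revision also removes the Autosnort section and its link with no edit summary; a one-line summary stating why it was dropped would help later editors. Finally, the new "Snort rules" section contains only a video URL, so a sentence on what the rules section is meant to cover would make it usable if the link goes away.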
Rafahsolis
Bureaucrats
,
Administrators
2,306
edits