Alejandro Alcantar
• Snort is an Intrusion Detection System (IDS) and Intrusion Prevention System (IPS).
• Snort can be used to block malware and other intrusions on your computer.
• Snort, although initially programmed for Linux and other Command Line Interface (CLI) systems, can be configured to run on Windows.
• Before configuring Snort to run on Windows, your system is required to have WinPcap and Barnyard installed.
• Before you can install Snort, your system is required to have WinPcap 4.1.1 or newer.
• Open up your web browser and go to your preferred search engine.
• Once there, search for WinPcap and download the latest version.
• In this case the latest version is 4.1.3.
• After the download, run the installer and go through the program setup like you normally would.
• Other than WinPcap, the only other system requirement for installing Snort is Barnyard.
• So, again, open up your browser and go to your preferred search engine.
• Once there, search for a Barnyard download for Windows. This may be a little difficult to find, so make sure you include which OS you are using in the search.
• Once you find it, download it and run the installer.
• Once the installer is running, go through the program setup like you normally would.
• First we need to find the program that we need to install.
• So we open our web browser and go to any search engine.
• Search for Snort and open the result link to the program website.
• Once on the site go to the download section of the site.
• There are multiple sections with download links.
• The one we are going to download from is the Binaries section.
• Under the Binaries list there are multiple download links.
• We are looking for the Installer with the right file type to run on our OS.
• We are using Windows, so we are going to use the executable (.exe) file.
• Download the file and run through the setup process.
• If you are using Internet Explorer, you may have to save the file and rename it as an .exe file.
• Now to download your Snort rules and get the program configuration started.
• On the Snort site, click the get rules button and it will take you to the rules download page.
• Here you are going to download the rules file that either matches or is closest to the version of Snort that you have downloaded.
• Once downloaded, extract the files to your Snort folder.
• Now we need to consult the documentation to configure Snort, which you can find on the Snort site, or, if you prefer, on just about any search engine.
• Once you open your Snort documentation, read through and follow the instructions in order to configure your Snort program.
• The documentation is telling you to open the .conf file and edit certain lines in it.
• To do this, find the file in the etc folder inside your Snort folder.
• Right-click the file and open it with WordPad.
• In the .conf file you are going to search for the lines that you are instructed to change.
• Once you find them, make the necessary changes.
• Be sure to double-check your changes before you save and close the file.
• In Fig. 1 you are being asked to run commands in your Command Prompt, so open up your Command Prompt by opening your Start menu and searching “cmd”.
• Run the first command that it asks you to, and your screen should look like Fig. 2. From this you are going to find your interface number.
• Fig. 1 then asks you to run a second command in which “X” is to be replaced with your interface number. If done correctly, you should get a long stream of data like in Fig. 3.
Fig. 1
Fig. 2
Fig. 3
• You are now asked to open a new Command Prompt window and run the command “ping google.com”.
• If it is done correctly, you should end up with two Command Prompt windows that look like the two above.
• The documentation now instructs you to close the previous two Command Prompt windows and open a new one.
• Run the new command in your new Command Prompt window, and if no errors occur your window should look like the second figure.
• If an error does occur, you will then need to open your .conf file in WordPad again and make corrections to the appropriate lines, until running the command gives you a screen similar to the one displayed in the second figure.
• You can identify the necessary line by looking for the number within the <> in the error message.
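
A pre-check for the edit-and-retest loop described in the last slides, as an added example that is not from the slides or the Snort project: it lists active .conf lines that still point at Unix locations and maps the line number in an error message back to the line to fix. It assumes the lines to change are the path directives of a Snort 2.x snort.conf (the slides do not list them); the sample config and error text are constructed.

```python
import re

# Constructed sample, not a real snort.conf: a few lines in the style of a
# Snort 2.x config, some of which still point at Unix locations.
SAMPLE_CONF = """\
# Path to your rules files
var RULE_PATH c:\\Snort\\rules
var PREPROC_RULE_PATH ../preproc_rules
# path to dynamic preprocessor libraries
dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
# dynamicdetection directory /usr/local/lib/snort_dynamicrules
include classification.config
"""

# Constructed error line using the "<number>" form the slides describe.
SAMPLE_ERROR = "ERROR: c:\\Snort\\etc\\snort.conf<6> Unable to load dynamic engine"

# Assumption: these are the directives whose last argument is a filesystem path.
PATH_DIRECTIVES = ("dynamicpreprocessor", "dynamicengine", "dynamicdetection")

# Accept the line number in either <N> or (N) after the config file name.
ERROR_LINE = re.compile(r"\.conf\s*[<(](\d+)[>)]", re.IGNORECASE)


def find_unix_paths(conf_text):
    """Return [(line_no, line, reasons)] for active lines with Unix-style paths."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments are never parsed by Snort
        tokens = line.split()
        if tokens[0] == "var" and len(tokens) >= 3 and tokens[1].endswith("_PATH"):
            path = tokens[2]
        elif tokens[0] in PATH_DIRECTIVES and len(tokens) >= 2:
            path = tokens[-1]
        else:
            continue
        reasons = []
        if path.startswith("/"):
            reasons.append("Unix absolute path")
        if path.lower().endswith(".so"):
            reasons.append("Unix shared object (.so); Windows builds use .dll")
        if reasons:
            findings.append((line_no, line, reasons))
    return findings


def error_line_number(message):
    """Extract the config line number from an error message, or None."""
    match = ERROR_LINE.search(message)
    return int(match.group(1)) if match else None


def conf_line(conf_text, line_no):
    """Return the stripped text of a 1-based config line, or None if out of range."""
    lines = conf_text.splitlines()
    if 1 <= line_no <= len(lines):
        return lines[line_no - 1].strip()
    return None


if __name__ == "__main__":
    for line_no, line, reasons in find_unix_paths(SAMPLE_CONF):
        print(f"line {line_no}: {line}")
        for reason in reasons:
            print(f"    -> {reason}")
    failing = error_line_number(SAMPLE_ERROR)
    if failing is not None:
        print(f"error points at line {failing}: {conf_line(SAMPLE_CONF, failing)}")
```

To check a real file, read its contents and pass the text to `find_unix_paths` in place of `SAMPLE_CONF`.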

Snort ppt
