To capture the network packets using snort.

-
requirement :-

1. kali Linux
2. router 

step :--

Download and Install SNORT in Kali Linux.


use command apt install snort


move to snort directory.

use command cd /etc/snortg


Original configuration file was snort.config, but for backup we will create a clone of this file and make changes in that file.

Use command cp snort.config test_snort.configg


We have to put our network and ip range in test_config file, for that we will edit this file.

use command nano test_snort.confg

After that put your network IP and range as shown in screenshot..


Then save and close the file.



Now we have to make rules, for that we have to move to rules directory.


use command cd rules

Here now the SNORT has so many rules files for defining rules we have to define on local.rules files, but for backup we can create secondary file by the command cp local.rules custom.rules

SNORT will not directly take rules from our custom file, for that we have to include custom file in that local.rules file.

For that we have to edit the file use command nano local.rules

and write that include line as shown in screenshot. After that save and close file.




Now we have to define our desired rule(that Insta, fb and YT) in custom rules file.

for that we have to edit that file, use command nano custom.rules

Now write the rules as I written(same format is accepted only).


Now setup is done.

For surety run the below command, this checks everything is well formatted and configured or not.

use command snort -T -i eth0 -c /etc/snort/test_snort.conf



To run SNORT use command.

use command

snort -A console -q -i eth0 -c /etc/snort/test_snort.conf


 

Comments

Post a Comment

Popular posts from this blog

How to Installing and setup GoPhish on Kali Linux

-
Image
  How to Installing and setup GoPhish on Kali Linux Gophish is an open-source phishing toolkit designed for security professionals to conduct penetration tests and awareness training. Developed with user-friendliness in mind, Gophish allows users to easily create, launch, and manage phishing simulation campaigns. It provides a web-based interface where users can design customizable email templates, landing pages, and email lists. Gophish’s real-time reporting and analytics capabilities enable detailed tracking of campaign metrics such as email open rates, link clicks, and submitted credentials, helping organizations assess their vulnerability to phishing attacks. Its flexibility and ease of integration make it a valuable tool for enhancing cybersecurity awareness and testing organizational defenses against social engineering threats. The tool supports various deployment environments, ensuring adaptability to different IT infrastructures. Gophish's comprehensive features make it...
Read more

Malware analysis tools

-
Image
  Best malware analysis tools and their features. Malware has become a huge threat to organizations across the globe. Something as simple as opening an email attachment can end up costing a company millions of dollars if the appropriate controls are not in place. Thankfully, there are a plethora of malware analysis tools to help curb these cyber threats. When responding to a security incident involving malware, a digital forensics or research team will typically gather and analyze a sample to better understand its capabilities and guide their investigation. There are a number of tools that can help security analysts reverse engineer malware samples. The good news is that a few malware analysis tools are completely free and open source.  1.peStudio This is an excellent tool for conducting an initial triage of a malware sample and allows me to quickly pull out any suspicious artifacts. Once a binary has been loaded it will quickly provide the user with hashes of the ma...
Read more

Search engines for cybersecurity research ( part -1 )

-
Image
  In the ever-evolving landscape of cybersecurity, staying ahead of emerging threats and vulnerabilities is crucial. Information security professionals, researchers, and enthusiasts constantly seek the latest insights, tools, and resources to fortify digital defenses. One invaluable weapon in this ongoing battle is the vast realm of search engines tailored specifically for cybersecurity research.   Cybersecurity research has grown into a multidisciplinary field, encompassing everything from threat intelligence and vulnerability analysis to incident response and ethical hacking. To navigate this intricate terrain effectively, researchers rely on specialized search engines that go beyond the surface-level results of conventional search queries. These dedicated tools are engineered to unearth the hidden gems within the vast sea of digital information, making them indispensable for anyone committed to securing the digital realm.   This blog aims to shed light on the d...
Read more