Friday, February 9, 2018

EASY IDS. Basic Snort rules example

EASY IDS is a system that bundles a lot of utilities; in this post I cover Snort.

Download the ISO.

Install it in a VM.


For a basic test you need 2 network cards: one for management and the other for sniffing.



Now you can see the IP address to connect to with a browser.



User: admin / Pwd: password (default)





You need to change some variables:



Create a simple rule: check all ping / ICMP packets sent to our new IDS.
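A rule of this kind, as an added example and not the rule from the original post: the first line alerts on every ICMP packet, the second narrows it to echo requests (ping). It assumes Snort 2.x rule syntax, that `HOME_NET` and `EXTERNAL_NET` are among the variables set in the Snort configuration, and that the rules go in the local rules file; the messages and SIDs are constructed.

```snort
# Constructed example for the local rules file (assumed name: local.rules).
# SIDs from 1000000 upward are the range used for locally written rules.

# Alert on any ICMP packet addressed to the monitored network.
alert icmp any any -> $HOME_NET any (msg:"LOCAL ICMP packet to HOME_NET"; classtype:icmp-event; sid:1000001; rev:1;)

# Narrower variant: only ICMP echo requests (type 8, code 0) coming from outside.
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"LOCAL ICMP echo request (ping)"; itype:8; icode:0; classtype:icmp-event; sid:1000002; rev:1;)
```

With both rules enabled, a single ping raises two alerts; keep only the second one to cut the noise from ICMP replies and error messages.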



If you check the configuration with the GUI:







Run!
Now without attacks:

Check the rule


Now the attack is detected

Check the IDS status

by GoN | Published: February 8, 2018 | Last Updated:

Monday, February 5, 2018

NAGIOS. Logs. What is the last change..

To find out who modified something and when, we can consult the Nagios XI Audit Log.

In the Admin zone:



Check at Nagios XI
by GoN | Published: February 5, 2018 | Last Updated: