viernes, 9 de febrero de 2018

EASY IDS. Basic Snort rules example

EASY IDS is a system with a lot utilities, at this post I speak of Snort

 Download de ISO

Install in one VM


For one test basic you need 2 network cards. One to gestion other to sniffer

Now you can view th IP address to connect with a browser

User: admin /Pwd: password  -> default



You need change some variables:

Create a simple rule. Chek all ping / icmp package a our new IDS

If you check the configuration with GUI




Run!
Now without attacks:

Check the rule
Now detected attack

 Check the IDS status

by GoN | Published: February 8, 2018 | Last Updated:

Publicado por en
Etiquetas: , , ,

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)