viernes, 9 de febrero de 2018

EASY IDS. Basic Snort rules example

EASY IDS is a system with a lot utilities, at this post I speak of Snort

Download de ISO

Install in one VM


For one test basic you need 2 network cards. One to gestion other to sniffer



Now you can view th IP address to connect with a browser



User: admin /Pwd: password  -> default





You need change some variables:



Create a simple rule. Chek all ping / icmp package a our new IDS



If you check the configuration with GUI







Run!
Now without attacks:

Check the rule


Now detected attack

Check the IDS status

by GoN | Published: February 8, 2018 | Last Updated:

No hay comentarios: