Network Monitoring Using Snort on Ubuntu


Snort is a popular application among network users for monitoring activity on a local computer or on Internet networks.
Snort can analyze traffic in real time and log IP addresses and ports, and it can analyze and detect all kinds of outside activity such as buffer overflows, stealth port scans, CGI attacks, SMB probes and OS fingerprinting. By default, Snort has three main functions:

  • packet sniffer, like tcpdump, iptraf, etc.
  • packet logger, which is useful for recording packet traffic, etc.
  • NIDS, network intrusion detection.

To install it, follow these steps:
Download the Snort packages by typing in the terminal:


$ wget -c http://www.snort.org/dl/snort-2.0.0.tar.gz
$ wget -c http://www.snort.org/dl/rules/snortrules-stable.tar.gz

Extract, build and install Snort by typing:

$ tar -zxvf snort-2.0.0.tar.gz
$ cd snort-2.0.0
$ ./configure 
$ make 
$ make install

Information about the directories Snort is installed into can be viewed by typing:

$ ./configure --help

Here are the commands for using Snort:

Packet Sniffer:

$ snort -vde
$ snort -vd
$ snort -v

Packet Logger:

$ snort -dev -l ./log -h 192.168.2.1/24
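
The third mode listed above, NIDS, has no command on this page, so here is an added example (not from the original post) that writes a minimal configuration and prints the command that starts Snort with it. The ./nids directory, the two local rules, their messages and their sid values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: minimal NIDS-mode setup for the network used on this page.
# Assumed for illustration: the ./nids directory, the rule messages and the
# sid values (1000001 and 1000002, picked as local rule ids).

write_nids_config() {
    dir="$1"
    mkdir -p "$dir/log"
    # Rules may sit directly in the configuration file, so one file is enough.
    # The quoted 'EOF' keeps $HOME_NET literal for Snort to expand.
    cat > "$dir/snort.conf" <<'EOF'
# Network to protect: the /24 that contains the -h value used on this page
var HOME_NET 192.168.2.0/24
var EXTERNAL_NET any

# Alert on any ICMP packet sent to the protected network
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"LOCAL ICMP to home network"; sid:1000001; rev:1;)
# Alert on web requests that mention /cgi-bin/ (the CGI probing named above)
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"LOCAL request for /cgi-bin/"; content:"/cgi-bin/"; nocase; sid:1000002; rev:1;)
EOF
}

nids_command() {
    # Same -l and -h options as the packet logger command, plus -c to load
    # the configuration; -v and -e are left out so Snort does not spend time
    # printing every packet to the screen.
    printf 'snort -d -l %s/log -h 192.168.2.1/24 -c %s/snort.conf\n' "$1" "$1"
}

write_nids_config ./nids
echo "Start NIDS mode with: $(nids_command ./nids)"
```

With this configuration, only packets that match a rule are written under the log directory, together with the alerts.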

If you are still confused by the Snort instructions, you can learn these commands in snortrules-stable.tar.gz.
Happy Testing...!!!
