SNORT - NETWORK INTRUSION DETECTION SYSTEM (NIDS)
INTRODUCTION TO SNORT
Snort is an open source intrusion detection and prevention system.
It uses a set of rules that define malicious network activity, finds packets that match
those rules, and generates alerts for users.
Snort has three primary uses:
1) As a packet sniffer like tcpdump.
2) As a packet logger, which is useful for network traffic debugging.
3) As a full-blown network intrusion prevention system.
FEATURES OF SNORT
1) Rules: Rules can be written to identify various kinds of scans, such as TCP scans, UDP
scans, FIN scans, etc.
2) Attack Detection: Snort detects network scanning attacks, DoS attacks, malware attacks,
etc.
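The scan types listed above could be expressed as local rules like the following. This is an added example, not part of the original write-up; it assumes Snort 2.9 rule syntax, the $HOME_NET variable from snort.conf, and constructed threshold values and SIDs.

```snort
# Added example rules (not from the original page). Snort 2.9 syntax assumed.
# $HOME_NET is the protected-network variable defined in snort.conf.
# SIDs from 1000000 upward are the range used for locally written rules.
# The count/seconds thresholds are constructed values; tune them per network.

# FIN scan: a TCP segment with only FIN set. Normal connection teardown
# sends FIN together with ACK, so a bare FIN is anomalous.
# flow:stateless lets the rule match packets that belong to no tracked session;
# ",12" tells Snort 2 to ignore the two reserved/ECN bits when comparing flags.
alert tcp any any -> $HOME_NET any (msg:"LOCAL Possible FIN scan"; flow:stateless; flags:F,12; classtype:attempted-recon; sid:1000001; rev:1;)

# TCP SYN scan: a single SYN is normal, so alert only when one source
# sends more than 20 SYN-only segments within 10 seconds.
alert tcp any any -> $HOME_NET any (msg:"LOCAL Possible TCP SYN scan"; flow:stateless; flags:S,12; detection_filter:track by_src, count 20, seconds 10; classtype:attempted-recon; sid:1000002; rev:1;)

# UDP scan: rate-based only, because UDP has no flags to inspect.
# Busy DNS or streaming clients can exceed this rate, so expect false positives.
alert udp any any -> $HOME_NET any (msg:"LOCAL Possible UDP scan"; detection_filter:track by_src, count 20, seconds 10; classtype:attempted-recon; sid:1000003; rev:1;)
```

After adding rules like these to the local rules file, `snort -T -c <path to snort.conf>` checks that the configuration and rules load without syntax errors.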
INSTALLATION AND CONFIGURATION
Snort can be installed on Ubuntu. To install it, follow these steps:
Requirements:
1) Oracle VirtualBox
2) Ubuntu
3) Kali Linux
Step 1: Open the Ubuntu terminal in VirtualBox.
Step 2: Type this command in the Ubuntu terminal:
“ifconfig”
This command shows the IP address of the Ubuntu machine. Note the IP address for further use.
Pallavi Pandey
Here, the inet field shows my address (192.168.82.42).
Step 3: Clear the screen using the “clear” command, then type the command below:
“sudo su”
This command opens a root shell, i.e. the superuser (administrator) account.