HGunified

Switch to desktop

IDS SNORT

IDS - intrusion detection system. As the name suggests an IDS is a program that helps you monitor the connection and what ever come in and goes out of your pc can be seen. Here we use a very powerful IDS - snort.


step1.You need to download snort and install it.install snort. You can find the setup in the softwares section.

step2.In order to run snort you also need to download the rules for snort. Just sign up and on the website

--> activate account through the mail they send you

--> login

--> get rules

--> registered user release

--> snortrules-snapshot-2905.tar.gz

-->unzip contents and save them to the snort installation folder.

step3.Now you need to see the present network interfaces on you machine. So that you can monitor a particular interface. You need to run the command from /Snort(this is your installation folder)/bin. Enter the following command:-

snort.exe -W

step4. Now to start monitoring a particular interface enter the following command
snort.exe -i 1 -dev
where 1 is the interface number

step5.You can also create a log file if you want to record the logs. For that enter the following command.


snort.exe -c c:\Snort\etc\snort.conf -l c:\Snort\log -i 1


where snort.conf is the rules file and the logs are created inside c:\snort\log

Copyright by HGunified 2017. All rights reserved.

Top Desktop version