Questions tagged [snort]

Snort is a free open source network intrusion detection system (IDS) and intrusion prevention system (IPS).

1 vote
1 answer
616 views

Hope this is the right place to ask vs SO, ServerFault, etc. I've searched a lot and can't find anything remotely like this question, ready to be proven a bad searcher. When I build an Ubuntu 22-based ...
JimLohse's user avatar
  • 113
1 vote
0 answers
213 views

I am trying to use the Snort IPS. In order to use it as an inline prevention system I need to make two interfaces and snort will bridge the two to apply its rules as a packet passes through the bridge....
l3m0n's user avatar
  • 11
1 vote
1 answer
1k views

I am new to using snort and still learning in university. I am wondering after I find an intrusion how can I log it and save it as a pcap file? What would the syntax look like to do this? So I can ...
Albion69's user avatar
0 votes
1 answer
132 views

I have this configuration: vmware debian11 running snort, vmware kali Linux running nmap that scans ports of Debian 11 (real). Snort doesn't alert port scanning in this case. Instead, if I scan ports of ...
CaneRandagio's user avatar
1 vote
0 answers
746 views

I am trying to become familiar with Snort, and for this reason, I have set three VMs. A Kali, a windows machine with XAMPP and Ubuntu where I installed Snort. I believe I have Snort running in ...
george's user avatar
  • 11
0 votes
2 answers
3k views

Checked answers to the similar question. Still not working for me. Current entries in /etc/apt/sources.list: 1. deb http://http.kali.org/kali kali-rolling main non-free contrib 2. deb http://http.kali....
kstatinet's user avatar
1 vote
1 answer
25k views

I am having a problem with installing snort on Kali. I used the command: sudo apt-get install snort -y but it replies only with the unable to locate the package error. I did upgrade, update, edit sources....
sayed hussain's user avatar
0 votes
1 answer
132 views

I'm running Apache on a server with a stateful firewall where new IPv4/IPv6 ingress connections are allowed only to TCP ports 80 and 443. SSH is allowed from a few trusted hosts and only certain ICMP/...
Martin's user avatar
  • 8,058
1 vote
0 answers
2k views

PROBLEM: I have been configuring snort on my systems and would like to get emails from the systems if there are any alerts. What I have tried is swatch but I can't find much documentation on it, can ...
somethingSomething's user avatar
0 votes
1 answer
85 views

I have a snort.rule file, I need to extract cve numbers followed by reference key from the line and append them back in msg field of the same line inside flower brackets, below is the old log. alert ...
Jacob_'s user avatar
  • 1
1 vote
0 answers
56 views

I have SNORT running on an Ubuntu 18.04 server. I have alerts firing off but the alert logs come through as IP addresses. I have a list of websites the system has visited throughout the day. Is ...
Softey's user avatar
  • 113
1 vote
1 answer
2k views

I installed snort (currently ver. 2.9.7.0-5) then compiled Barnyard2 Version 2.1.14 (Build 337). At first try with: sudo ./barnyard2 -c ../etc/barnyard2.conf -o /var/log/snort/snort.alert I get ...
Adrian's user avatar
  • 773
1 vote
0 answers
74 views

I am trying to find a way to stop port scans or DoS type activities from within the network to external resources so I can reduce the number of abuse complaints. While I know there are numerous tools ...
Chris Wong's user avatar
1 vote
1 answer
3k views

I want to test snort, so I want to have some test network traffic. Since snort can read pcap files, I want to generate some traffic which can be customized and save it to pcap files. Here are my ...
Yanghao Xie's user avatar
0 votes
1 answer
580 views

I am working with snort. While configuring I have come across rule files such as decoder.rules and preproc.rules. Can anyone please tell me the use of enabling these rules in snort.conf?
Lakshmi Balan's user avatar
