Intrusion Detection System with Snort Rules Creation

Remember to subscribe to the channel so that you can be kept updated on the latest cyber-security tutorials.

LoiLiangYang

thanks man this is very helpful for my cybersecurity degree.

benwhite

@Loi Lang Yang your videos are really exceptional compared to other Channels.
Thanks so much for the video on SNORT RULES. Will be expecting more videos on (SNORT/SURICATA) as well as techniques to Evade (IDS/IPS)

dukewilson

Can I snort to detect a malicious user trying to target another IP besides the one using snort by like lets say arp spoofing or how would that work because in the field sometimes we aren't the target black hats typically have their networks in their cities they feel comfy in you know

jimgrayson

is it possible the snort's smpt rules to recognize email spam activity ?
(like mail spamassasin or else)

I mean, how to make specific smtp rules to detect, report and block email spam activities ?

I hope you can explain to us more spesific about rule creation and demonstrate this case also as well..

Thanks alot

vpnkusatu

great/concise good quality Videos- keeping to the technical contents/point.. would be good if you could show the initial installs of Snort as well.
Which Linux is better for Snort- Kali or Ubuntu..!?

kssaz

Hi do you have any online course options for both advanced Red and Blue team.

HeavenOfDVibess

Excellent video, thank you for sharing

screamingiraffe

sir, how can i get the attack signature for testing....

khairulanam

Dear Loi, Can snort run on Raspberry? Pi4 as an example. What are difficulties if any. Because I am working on Smart Home security and want to develop or improve some rules on Snort against WPA 2 and WPA3 networks. Of course Pi4 as a central controller. Your expert advices will be very useful.

ManeshThankappan

Great video, really clear although i have a dilemma. I'm new to snort and I have just got it installed on debian on virtual box. I have no idea what rules to set or not set to detect/prevent a dos and DDoS attack from another VM. My attacking VM is Kali Linux, I need to attack the debian machine with snort on it and analyse and put the results in my masters dissertation. So far I am completely stuck. Any help or advice here very much appreciated. I have the original snort.conf file and 2 copy files one where I deleted all rules and added just one icmp detection rule, and the other is just a simple copy of the original config file. This is so so confusing. I just don't know where to begin to get information that makes sense to me and I can explain it. :-(

CatKin

How well work in detecting RANSOMWARE on a network?

readyone

so i not need to install the snort anymore?

riskay

When i run this cmd sudo gedit icmp.rules &, I get this message - No protocol specified
Unable to init server: Could not connect: Connection refused?

(gedit:9743): Gtk-WARNING **: 04:34:12.477: cannot open display: :10.0

Bluedragon-cokb

sir how to join only for member course? I subscribed this channel but cant join..please help

rakibulhasanasif

Sir how to block this packet plzz reply

SiddiquiAnas

Hi, I'm facing a problem near the command cmake, can you help me with this.
Can anyone send me the link for snort that is working now and on which ubuntu it can be deployed.

nandhakishore

0:53 - "... and I can see clearly when I enter man snot..." lol so gross

crbruddc

Thank you. But, 07:23 - please use "ip a ls" instead ifconfig. Ifconfig is very old command.

nurmukhamedartykaly

Excellent video, thank you for sharing

screamingiraffe