Snort IDS / IPS Complete Practical Guide | TryHackme

In this video walk-through, we covered configuring Snort as an open-source IDS/IPS solution. Snort operates as a sniffer, a packet logger, and an IDS/IPS.
0:00 - Introduction to Snort and IDS/IPS Basics
2:15 - Intrusion Detection and Prevention System Concepts
5:41 - How IDS/IPS Work with Detection Techniques
7:58 - Overview of Snort and its Functions
12:30 - Configuring Snort: Paths, Plugins, and Networks
16:14 - Snort Modes: Sniffer, Packet Logger, and NIDS/NIPS
18:00 - Snort Practical Demonstration in Sniffer Mode
23:07 - Using Snort in Different Sniffing Modes
26:01 - Packet Logger Mode in Snort
30:58 - Reading Logs and Filtering Traffic in Snort
35:00 - Storing Logs in ASCII Format for Readability
37:30 - Task Exercise: Investigating Logs
Comments

Author

I had the same problem with the questions that you didn't find, and I actually came to this video trying to find the answers. Finally I found that the mode that works similarly to NIPS is "NBA" (Network Behaviour Analysis), and the kind of NIPS that it is is "full-blown". Hope it will help!

inlak
Author

According to the official description of Snort, what kind of NIPS is it?
full-blown

chicaomassari
Author

Thank you for explaining this. I've been going through the SOC pathway, and Snort has completely stumped me by not fully explaining the contents of the output it gives (might as well be hieroglyphs lol). Your teaching and breakdown of the concepts were super helpful in learning the fundamentals of it.

MFmyk
Author

How did you get the traffic generator installed?

selena
Author

As usual, the greatest professor! Thanks Motasem!

assassino
Author

What a teacher. Really, I learn a lot from you.

johnvardy
Author

It's a clear video, very helpful, with easy English that helps me understand without having fluent English.

rabahkhiari
Author

A clear video tutorial. Very helpful to TryHackMe beginners. Thanks professor.😊😊

anoopvijayan
Author

I was able to complete the task because of this video! Super clear :) Thanks much

SaitejaG-hh
Author

Very helpful to follow along with at every spot I got stuck in the Snort room. Thank you!

isaacringling
Author

I'm sharing my experience here; hopefully it helps others. I initially missed a key step in Task 8: Operation Mode 4 - PCAP Investigations. There are multiple ways to get to point B, but I chose the following path:
Mr. Hamdan provided a helpful bash command to locate the relevant file: find . -name "icmp-test.pcap". After changing into that directory, I ran the command while in the Task 8 directory: snort -r icmp-test.pcap, and had no problems moving to the next step. Thank you, Mr. Hamdan.

wabisabi
Author

I was messing with step 9, question 1, forever and thought I was failing. However, it was because I didn't realize the alert file was being made :) Great vid.

viorage
Author

You are the best at explaining things, Motasem, thanks a lot!

ЮрійМинаш
Author

NBA and full-blown. Thanks for this video; Snort was so complicated, they really need some GUI platform.

tradesmenlife
Author

The 3rd-to-last question in Task 4 is "full-blown". It is listed in the description of Snort under the blue highlighted letters section.

cloudhobbyist
Author

Great content. Please share your entire notes with me, focusing on the sudo command.

hurrenbardinas
Author

Very well organized and well explained! Thank you! That was really helpful.

elisehackmann-tfxg
Author

Thank you so much @Motasem for creating this awesome video on Snort. It was really helpful and informative from start to end. I liked the way you explain the concepts or points in detail with easy explanations. Again, I appreciate the hard work you put into this video :)

SandeepKumar-zbuf
Author

Can I ask what notepad you are using?
I want to put notes somewhere and am looking for a suitable notepad.

techskyrocket
Author

Great job mate. I think this channel is underrated.
I have a question. I saw in this video that you are using Obsidian. Are you sharing your notes with the community, or are they private?

MG-bmoj