Intrusion Detection With Snort

HackerSploit

Views: 62,542

2 years ago

This video covers the process of using custom and community Snort rules. An IDS is a system or host placed within a network to capture traffic and identify malicious activity based on predefined rules; the malicious activity is then logged, and a notification is sent to the relevant parties informing them of an intrusion.
You can register for part 2 of this series for free here: bit.ly/3yJqT3c
//LINKS
Snort Website: www.snort.org/
Snorpy Rule Generator: www.cyb3rs3c.net/
Video Slides: bit.ly/38BGqYi
#Cybersecurity #BlueTeam

Comments: 63
@scalarcoding 1 year ago
Thanks bro. You just saved a college student who is building a capstone project
@cyberrick5142 2 years ago
Great work on these Snort videos! Very informative.
@Diego-rc1zi 2 years ago
You are amazing, very clear information, very descriptive, I understand everything, I'll recreate it on my side, you rock Alex!
@kosmonautofficial296 2 years ago
I am so mad that I am subbed to you but haven't seen any videos in my feed in like a year. Great video as always keep up the great work!
@isaacmihaeli3261 1 year ago
Great tutorial and right-to-the-point examples. I will look to other videos to learn more.
@aryamarga108 2 years ago
Based God Alexis. Had so much fun setting up this IDS and actually seeing the fruits of my labor (alerts ringing as ICMP protocols are sent through the network). Was excited to pass the traffic logs through Wireshark and to understand that you can actually pass the alerts generated through fast mode to Splunk. Things are finally making sense now. This series has been really fire. Keep up the good work.
@HackerSploit 2 years ago
Thank you very much for the feedback, I am glad you have found value in the content.
@googleuser4955 1 year ago
@HackerSploit can we set this in Windows 10 or 11?
@au-zy1mg 3 months ago
Thank you so much! Over the past two days I spent most of my time on how to configure the dependency files, knew nothing about Snort itself, and had no idea what was going wrong. Now I finally understand ♥
@kevingendron5586 2 years ago
Excellent content and explanations!! Now, to give it a try. Thanks very much for this!
@elliotfn7440 1 year ago
Thank you so much for this perfect explaining!
@adityapundir6529 2 years ago
Great work, keep it up!
@fabricenade9982 2 years ago
You're too AweSome Teacher. Thanks very much!!!
@ajaynanganath88 2 years ago
Very informative. Thank you.
@williamshenk7940 8 months ago
Thank you, excellent tutorial!
@muhammadhassoub299 2 years ago
Great content. Thank you very much
@EeBbEeNnn 4 months ago
Very nice tutorial 👍🏾
@josebaezc.7709 2 years ago
I keep following you :) from the Dominican Republic. Thanks for all the tutorials.
@theAlmightyGod09 13 days ago
Thank you for the video. Please, I am trying to get part 2 of the series but the link is no longer active. I will appreciate any pointer to part 2. Thank you once again.
@Meganano 2 years ago
Thank you Alexis 🙏
@billigerfusel 2 years ago
Now that's some good shit we need more of on KZfaq
@christojojo6590 9 months ago
What is the difference between the log files which are saved in var/log/snort and the log files saved under /var/log/snort/alert?
@samuelannapureddy8640 2 years ago
It might be great if you increase the video quality. However, providing great content. Support and love from India!!
@Hartley94 2 years ago
Yeah, following.
@ColdSteel-dz3pf 2 years ago
Nah bro his quality is spot on
@webghost 2 years ago
Videos can only be watched at lower resolution for the first hours after the upload and then it should be at 1080p as he intended.
@ColdSteel-dz3pf 2 years ago
@webghost it’ll be alright bro! However, this channel has helped me in such a huge way that I’m not crying about res. I’d watch this in 8-bit, but hey different strokes, different folks
@miguelcrtz 1 month ago
Thank you very much
@ershadramezani6716 1 year ago
Thanks for this amazing playlist. Although, for the SMBv1 exploit, my Snort doesn't capture the exploit traffic. Should I pass the traffic through the Snort VM? Because it's not mentioned in the video.
@amf9913 2 years ago
Thank you!
@haziqhilman6749 2 years ago
I just read my senior fyp which has the same title. What a coincidence
@kylerabirached5741 3 months ago
Any way to make the alert send an email or message of some sort to another device when the pings are detected?
@youngprogrammer5258 2 years ago
I tried many ways, I even modified my iptables rules, firewall restrictions, and all the possible ways, but still I can't get a reverse shell. Netcat doesn't listen to my reverse shell, so I have been stuck in the Root Me room for more than a week. I need help, please can anyone suggest any ideas to overcome this.
@RoihanMuhammadIqbal-ox7td 5 months ago
Guys, I want to ask about Snort. I installed Snort on Ubuntu with the UTM VM software on a Mac M1. Usually I can detect traffic using Snort in the VirtualBox VM because there is a promiscuous allow all feature. But I'm now using UTM and it doesn't have that feature. So I enabled promisc in the Ubuntu server terminal with the command: sudo ip link set enp0s1 promisc on, or sudo ifconfig enp0s1 promisc. However, I couldn't detect any traffic other than traffic going to the server with Snort installed. Do you have a similar solution or case?
@muhammadnoraiz615 1 year ago
What if we want to use Snort as an IPS? The alert, pass and log actions are working in this scenario, but drop or reject are not. How could we set it up as an active IPS? Anyone?
@congtruongvu6363 1 year ago
Thanks for the video!! So I have a question. After detecting attacks, how can I stop them on my Snort?
@gamingunlimited9609 2 years ago
Was waiting since yesterday
@aessi2746 1 year ago
Help!!! I have configured and followed all the way. Most of the stuff is working, but for some reason when I exploit Win 7 I am only getting two alerts and the alert message is not generating as well.
@AhmedAli-rw3oz 2 years ago
Seriously, really excellent
@JourneyTowardsTheCreator 3 months ago
Hi, I am following your tutorial for network intrusion but I am encountering an issue related to SSH. It says connection refused, though I have tried every possible solution for this.
@newwarrior-wi1fy 8 months ago
Alexis, can you send the Windows 7 unpatched ISO you used for testing EternalBlue on?
@DamienThorn5175 1 year ago
Great vid mate. I am running Ubuntu on W11 and I see any local rules I have applied. Cheers
@nathandaniel3512 3 months ago
The link to the part 2 is unavailable, can you help?
@jensulrich4848 2 years ago
Best Instructor ✌️👌
@uuusa7 2 years ago
What is interface enp0s3? My wifi antenna?
@gadgetbro02 2 years ago
Can you please share a video about how "Metasploitable and the Ubuntu machine that runs Snort" are running in the same network inside VirtualBox? How do you manage the VirtualBox internal network as a home network for the "Metasploitable machine and Ubuntu machine"? Please 🙏🙏🙏🙏🙏🙏🙏🙏
@aessi2746 1 year ago
Hi, is it necessary to have a wired connection for this lab or not? My virtual machine is set to NAT and not the bridge connection. If I change it I lose access to the internet, and my Ubuntu and Kali both have the same IP address, so when I ping the address from Kali it just pings itself. Can someone help or let me know what I am doing wrong? Thanks.
@aessi2746 1 year ago
I was able to fix it, just needed bridge connections, changing IP addresses and making a change to the snort.conf
@SecurityTalent 2 years ago
Great
@passaronegro349 2 years ago
Hello... would it be possible to put subtitles in Portuguese? Because we follow your work here in Brazil!!
@HackerSploit 2 years ago
Hello, we will work on getting the videos transcoded. Greetings to Brazil!
@passaronegro349 2 years ago
@HackerSploit appreciate!!! Because 43 people here in Brazil watch your video... but not all of them use English!!! And we wait for the next videos!!!!! 🇧🇷✨
@britox.6216 2 years ago
Timestamps please! Grateful for the content
@marcpayz8747 4 months ago
Legend
@muhammadhassoub299 2 years ago
Waiting for you to cover Zeek 😏
@shmasshah 1 year ago
You need to explain the networking setup more, otherwise it just sniffs its own VM and that's it more or less
@shmasshah 1 year ago
Also it doesn't go well with a Parallels setup
@z_emed 1 year ago
Snorpy Rule Generator is banned?!
@Rubalix 7 months ago
You're probably using some special software to protect you from malicious websites. Snorpy is insecure, so it was probably flagged.
@GajendraMahat 2 years ago
First view
@cyberghost_01 1 year ago
How can Snort in an Ubuntu VM sniff traffic that is not directed to its NIC?
@dustinodunne3572 6 months ago
Change to a bridged connection. It'll have a 192.168.x.x IP so you'll be able to interact with your entire subnet like any other device