Wednesday, 24 April 2013

Snort On Backtrack 5


SNORT ON BACKTRACK 5 
snort on backtrack 5

INTRODUCTION
Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide.

HOW TO OPEN SNORT ON BACKTRACK 5 
  • Backtrack > Services > Snort Services > snort start 
  • See the below image for more help -

HOW TO OPEN SNORT ON BACKTRACK 5
HOW TO OPEN SNORT ON BACKTRACK 5
SNORT STARTED 
  • Snort started .
  • See the below image for more help -

SNORT STARTED
SNORT STARTED
CONFIGURE SNORT
  • To configure snort , we use vim editor .
  • To open snort configuration file , enter the command as shown in the below image .
  • See the below image for command -

OPENING CONFIG FILE WITH VIM EDITOR
OPENING CONFIG FILE WITH VIM EDITOR
SNORT CONFIG FILE OPENED
  • Go to the next image .

SNORT CONGURATION
SNORT CONGURATION 
CONFIG HERE 
  • This is the area where you have to work .
  • Now the line where i use the yellow box and there you will find a line look like this var HOME_NET any . Now replace this any to your own internal ip address .
  • In my case my ip address is 192.168.72.129 ( as shown in terminal also ).
  • If you don't know your own ip address then use the ifconfig command . 
  • And at the end save this file by pressing ' Esc key then :wq  ' then press enter.
  • Note : To enter text in vim press ' i ' .
  • See the below image for more help -

SNORT CONGURATION
SNORT CONGURATION 
RESTART SNORT
  • Now restart snort , by entering the command as shown below.
  • See the below image for more details-

SNORT RESTARTED
SNORT RESTARTED
EXAMPLES 
Here is use Backtrack 5r3 as a snort machine ( IDS ) and Kali Linux as a attacker machine .
Both are open source linux so easy for you to download .
Now without wasting  time see the examples 

USING DMITRY FROM KALI LINUX
  • Here  i perform the Deepmagic Information Gathering Tool also known as 'Dmitry'.
  • I used this tool to scan for TCP Ports .

ATTACKER MACHINE
  • I look that Kali Linux uses dmitry to performing tcp scan on snort machine                            ( 192.168.72.129).
  • See the below image for more details -

SNORT DETECTION EXAMPLE 1
SNORT DETECTION EXAMPLE 1
IDS SNORT CAUGHT SOMETHING
  • Here you can see that Snort has caught something .
  • It shows a Tcp port scan is performed by the 192.168.72.128 ip address.
  • Its a very useful information.
  • See the below image for more details -

SNORT DETECTION EXAMPLE 1
SNORT DETECTION EXAMPLE 1
EXAMPLE 2 : PERFORM OS DETECTION SCAN 
  • Here i used nmap to perform " OS DETECTION SCAN ".
  • Command i used : nmap -v -A 192.168.72.129
  • See the below image of performing OS Detection scan on kali linux .

SNORT DETECTION EXAMPLE 2
SNORT DETECTION EXAMPLE 2
SNORT DETECTION
  • Now the best thing , you can see the behaviour of the scan that is performed by nmap .
  • See the red boxes that i have put , it shows so many things.
  • See the below image for more help-

SNORT DETECTION EXAMPLE 2
SNORT DETECTION EXAMPLE 2
CONCLUSION
  • So this is how you can use snort on backtrack 5.
  • Good in aspect of security .
  • You can use it to understand the behaviour of the attack .
  • There are lots of things you can do , use your ninja skills and sharp your security .
  • Thats it . Thank you for reading .
  • If you have any question , comments . You can post it here or you can join our facebook page . Its easy just click on a link given below -
JOIN US 
ON 
FACEBOOK
THIS TUTORIAL IS JUST FOR EDUCATIONAL PURPOSE ONLY /-

3 comments:

Anonymous said...

awesome. this looks like a great tool

rahul gupta said...

thank dude ..can you please give a post for how to prevent wireshark from capturing packets..

Mahesh said...

can you please tell us how to use snort for total network and use it for IPS mode

Categories

Angry IPScanner On Backtrack 4 Arduino Arduino Opensource community attacks on router auditing tool Aurora Exploiting Through Kali Linux AUTOSCAN ON BACKTRACK 5 BackBox Linux On hackingDNA Backtrack 5 : Linux Commands Backtrack Bootable Pendrive Backtrack Tool : The Harvester Blender On Backtrack 5 Block Command Prompt Browser Autopwn On Backtrack 5 BUGTRAQ LOG REMOVER BLEACHBIT chkrootkit on Backtrack 5 chntpw on backtrack 5 cisco switches routing auditing tool. Client Side Attack On Backtrack 5 Command Shell Upgrade On Backtrack 5 Conky On Backtrack 5 convert guest account into admin using chntpw in backtrack 5 Convert Jpg Image into Ascii on Backtrack 5 countermeasures Cracking Unix Password On Backtrack 5 Cupp On Backtrack 5 Cutycapt On Kali Linux Detect Sniffer6 On Kali Linux dmitry on backtrack 5 Dnmap On Kali Linux dnsenum on backtrack 5 dnsrecon on backtrack 5 dnstracer on backtrack 5 dnswalk on backtrack 5 DOMAIN TOOL ON BUGTRAQ Dos attack driftnet on backtrack 5 dsniff on backtrack 5 enum4linux esp8266 EtherApe On BackTrack 5 ewizard on backtrack 5 ExifTool On BackTrack 5 Exploit Distccd On BackTrack 5 Exploit RDP Vulnerability On Kali Linux Exploit Samba Server On Backtrack 5 fatback on backtrack 5 FERN CRACKER ON BACKTRACK 5 Fierce in Backtrack 5 findmyhash : Crack the hash on Backtrack 5 Firewalk-Script On BackTrack 5 Firewall On Backtrack 5 Flash Player On Backtrack 5 Genlist On Backtrack 5 Gerix Cracker On Backtrack 5 Get Your Data Back Golismero On BackTrack 5 GOOFILE ON BUGTRAQ Google Kung-Fu goohost on backtrack 5 Grendel-Scan On Backtrack 5 gtk-recordmydesktop on backtrack 5 HACK BACKTRACK 5 via RAT Hack The Database with Backtrack 5 Hack the Facebook with Backtrack 5 Hack the windows in GNS3 Hack Windows XP using Backtrack 5 Hack Windows Xp using msfconsole hacking Hacking Lab 01 Hacking Windows 7 USING Backtrack 5 hackingdna hackingDNA choice :Best Antivirus Detection honeyd on backtrack 5 honeypot on backtrack 5 HOW TO INSTALL REDHAT ENTERPRISE LINUX 5 How to block ICMP request How To Install CAINE How to Install Chromium Browser on Backtrack 5 How to Install Windows 7 Ultimate How To Install Xampp On Kali Linux How to make new User in Backtrack 5 How to see files and directories on Linux how to use arduino in kali linux How to use Host Command on Backtrack 5 How to use Nano Editor on Backtrack 5 How to use Ping Command on Backtrack How to use whois tool on Backtrack 5 hping2 on backtrack 5r2 Httprint On BackTrack 5 icmpv6 flooding attack ifconfig command Installing And Accessing Backdoor On Backtrack 5 Installing software on Backtrack 5 using apt-get ipcalc on backtrack 5 Itrace On BackTrack 5 Jigsaw On Backtrack 5 Joomscan On Backtrack 5 KALI ARMITAGE ON KALI LINUX kali linux kali linux arduino Kali Linux Installation Kali Rolling Release 2016.2 keimpx on backtrack 5 Lanmap On Backtrack 4 Learn arping on Backtrack 5 Learn Basic of Internet with DAWN OF THE NET Learn Basics if Screen Utility Learn cmospwd on Backtrack 5 Learn dnsdict6 on backtrack 5 Learn fping on Backtrack 5 Learn Help Utilities Command On Backtrack 5 Learn hexedit on Backtrack 5 Learn how to hack root account on REDHAT5 Learn How to Install Backtrack 5 Learn how to make Bootable Pendrive Learn how to split Terminal into different regions Learn How To Split Terminal on backtrack 5 Learn how to use Armitage in Backtrack 5 Learn how to use chntpw on backtrack 5 LEARN HOW TO USE CISCO PACK ON BUGTRAQ - II Learn How to use ettercap on Backtrack 5 for hacking username and passwords Learn how to use Netstat Commands On Backtrack 5 Learn how to use nipper Learn How to work with Vim editor on Backtrack 5 Learn Linux Commands on Backtrack Environment Learn Netdiscover On Backtrack 5 Learn Pentbox On Backtrack 5 Learn Recoverjpeg on Backtrack 5 Learn samdump on backtrack 5 Learn TrueCrypt On Backtrack 5 LINUX NETWORKING COMMANDS ON BACKTRACK 5 linux OS LINUX PARTITION ON BACKTRACK 5 List-Urls On Backtrack 4 Load Balancing Detector On Backtrack 5 LOG REMOVER BLEACHBIT Lynis On Backtrack 5 Mac Tracker On Backtrack 5 macchanger on backtrack 5 Matriux Installation On hackingDNA Metaexploit Framework : Collecting Email Addresses Metasploit Framework With Basic Commands Meterpreter on Backtrack 5 mitre-cve on backtrack 5 MSF AUXILIARY SCANNING ON BACKTRACK 5 msf scanning on backtrack 5 nbtscan on backtrack 5 NESSUS ON BACKTRACK 5 Net Card Config Netcat : Learn how to create a instant chat session on Backtrack 5 netenum on backtrack 5 Netifera On Backtrack 5 NETMASK On Backtrack 5 NIKTO ON KALI LINUX Nmap Scanning On Backtrack 5 nmap smb script offensive security Oneko And Cowsay On BackTrack 5 OpenOffice On Backtrack 5 OpenVAS On Backtrack 5 Orion Browser History Dumper v1.0 Penetration Testing Pipal On Backtrack 5 PostgreSQL On Kali Linux Practice Session On Backtrack 5 PROTOS on backtrack 5 Reconnaissance Recover Kali Password Remote Desktop Connection Remote Desktop On Backtrack 5 Remote Desktop Sharing Removing Backdoor on Backtrack 5 Restrict Control Panel Restrict Registry Editor by Group Policies Rkhunter On Backtrack 5 router auditing tool Router Penetration Testing router security Safecopy On Backtrack 5 samba testing samrdump on backtrack 5 Scanning security auditing tool Shell Scripting On Kali Linux Shrink and Create Partition on Windows 7 Shutter On Backtrack 5 siege on backtrack 5 smb enumeration smb hacking Smbclient On Backtrack 5 Smtpscan On Backtrack 5 SMURF6 ON KALI LINUX Sniff Images on Backtrack 5 using Driftnet Snort On Backtrack 5 snurf6 Software Updates On Kali linux Spoof Your MAC Address on Backtrack 5 sql attack SSID ssldump on backtrack 5 sslstrip on backtrack 5 Start Backtrack 5 Without Startx Steam Locomotive On BackTrack5 Stop Bruteforce attack System Monitor On Backtrack 5 tcptraceroute on backtrack 5 Tctrace On Backtrack 5 TeamViewer On BackTrack 5 TELNET On Backtrack 5 Terminator On Backtrack 5 the Harvester On Backtrack 5 Things you should know about Backtrack Tweak Your System Settings On Backtrack 5 Tweak Your System Settings On Backtrack 5 Part 2 Unicornscan On BackTrack 5 Uniscan On Backtrack 5 urlcrazy on backtrack 5 urlsnarf on backtrack 5 WBOX on Backtrack 4 and 5 Weak points Web Httrack::Web Copier Websecurify On BackTrack5 Webshag On Backtrack 5 WEP CRACKING ON BACKTRACK 5 whatweb on backtrack 5 WHATWEB ON BUGTRAQ Wiffit (wafw00f): Firewall Detection Tool On Backtrack 5 wireshark Xpdf On Backtrack 5 xprobe2 on backtrack 5 Zenmap

Popular Posts