Hello guys ,
So in this video I’m going to tell you How to use snort for intrusion Detection System to secure your webserver.
in this video i am using Kali Linux
1. You must installed Snort in your laptop (if you dont have it go to https://www.snort.org/)
2. go to directory /etc/snort/rules
3. make file with name is alerts.rules
4. fill the alerts.rules like in the video
5. Save with ctrl + o
6. go to prev directory or /etc/snort and then open snort.conf to configure your ip address and alerts.rules
7. fill the snort.conf like in the video, then save
8. type on the terminal snort -A console -i wlan0 -c /etc/snort/snort.conf -l /var/log/snort -K ascii
9. and then for try , atack it in another computer or use virtual machine
10. you can see history of attack in the terminal, or you can see the ip of hacker in the directory /var/log/snort
Click on the video for fuller explanation, thank you!
Thanks to Allah SWT and also Snort.org and Kali Linux