Snort for Hackers
Snort is the world’s most popular Intrusion Detection System/Intrusion Prevention System (IDS/IPS). Originally developed by Marty Roesch as an open-source project, Snort and its parent, Sourcefire, were acquired by the networking behemoth, Cisco, in 2014.
Every hacker and network engineer should be familiar with Snort. As a hacker, you will need to evade it; as a network engineer, you will need to manage and depend upon it.
To learn the basics of Snort, check out my articles below.
How to Use Your Hacking Skills to Catch a Terrorist
Previously in my “Spy on Anyone” series, we used our hacking skills to turn a target’s computer system into a bug to record conversations and found and downloaded confidential documents on someone’s computer. In this tutorial, I will show you how to spy on anybody’s Internet traffic. For the sake of making
Snort Basics: How to Read and Write Snort Rules, Part 01
Welcome back, my novice hackers! My recent tutorials have been focused upon ways to NOT get caught. Some people call this anti-forensics—the ability to not leave evidence that can be tracked to you or your hack by the system administrator or law enforcement. One of the most common ways that system
Snort IDS for Hackers, Part 01: Installing Snort
Welcome back, my neophyte hackers! In the world of information security, the most common intrusion detection system (IDS) you will ever encounter is Snort. As you probably already know, an IDS works similarly to antivirus (AV) software on your desktop; it attempts to identify malicious software on your network and
Snort IDS for Hackers, Part 02: Basic Configuration of your Snort IDS
Welcome back, my tenderfoot hackers! As you should know from before, Snort is the most widely deployed intrusion detection system (IDS) in the world, and every hacker and IT security professional should be familiar with it. Hackers need to understand it for evasion, and IT security professionals to prevent intrusions.
Snort IDS for Hackers, Part 03: Sending Intrusion Alerts to MySQL
Welcome back, my hacker novitiates! If you have been following this new Snort series, you know that Snort is the world’s most widely used intrusion detection/protection system. Now a part of the world’s largest network equipment company, Cisco, it is likely to be found everywhere in one form or another.
Snort IDS for Hackers, Part 05: Testing your Snort IDS Against Known Exploits
Welcome back, my greenhorn cyber warriors! In my previous posts in this series, we installed Snort, configured Snort, set up Snort to send alerts to a database (MySQL) and wrote Snort rules. In this post, we will test our new Snort installation to see whether it can detect and alert
Snort IDS for Hackers, Part 06: Configuring Snort to Detect the SolarWinds/Sunburst Backdoor
Welcome back, my aspiring cyberwarriors! In recent weeks I’m certain you have heard about the SolarWinds/Sunburst hack. Just to review, Russian state-sponsored actors hacked into the SolarWinds update server and installed malware into the software updates. As a result, everyone who received the March 2020 update now has a Russian
Learn more in the courses: