User Guide: snort - secviz/davix GitHub Wiki

Site

www.snort.org

Summary

Intrusion detection system that analyzes live traffic or network capture files.

Links

Snort Users Manual
VRT

Command Line Quick Start

Currently there is no help available for snort.

How to Get it Working

  • Open a console.
  • To start the Snort daemon execute the command:
    sh /etc/rc.d/rc.snort start
  • The Snort alerts are recorded in a log file. To view the alerts as they arrive, tail this log file with the following command:
    tail -f /var/log/snort/eth0/alert
  • Open Firefox and access the following URL:
    http://www.iplosion.com/davix/..%255..%255..%255..%255cmd.exe
  • In the Snort alert log, the attack should now be visible as a Double Decoding Attack.
  • To stop the Snort daemon execute the command:
    sh /etc/rc.d/rc.snort stop
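
Why the test URL above is reported as a double decoding attack, shown as an added example (not part of the original guide, and a simplified model of the idea rather than Snort's own code): the path is percent-decoded twice, and any well-formed escape that only appears after the first pass is reported. The function names and the two benign sample paths are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# A well-formed percent escape: '%' followed by exactly two hex digits.
ESCAPE = re.compile(r"%[0-9A-Fa-f]{2}")

def decode_once(path: str) -> str:
    """One percent-decoding pass; malformed escapes such as '%5.' are left as-is."""
    # latin-1 maps every byte to one character, so no byte is dropped or replaced.
    return unquote(path, encoding="latin-1")

def double_decode_report(path: str) -> dict:
    """Decode a request path twice and report what only the second pass reveals."""
    first = decode_once(path)
    # Any well-formed escape still present after one pass was hidden behind
    # an encoded '%' (%25) in the original request.
    hidden = ESCAPE.findall(first)
    second = decode_once(first)
    return {
        "first_pass": first,
        "second_pass": second,
        "hidden_escapes": hidden,
        "revealed": [decode_once(e) for e in hidden],
        "double_encoded": bool(hidden),
    }

# Constructed sample request paths; the first is the path of the test URL above.
SAMPLES = [
    "/davix/..%255..%255..%255..%255cmd.exe",
    "/docs/my%20file.txt",   # ordinary single encoding
    "/index.html",           # no encoding at all
]

if __name__ == "__main__":
    for p in SAMPLES:
        r = double_decode_report(p)
        flag = "DOUBLE-ENCODED" if r["double_encoded"] else "ok"
        print(f"{flag:15} {p}")
        if r["double_encoded"]:
            print(f"  after pass 1: {r['first_pass']}")
            print(f"  after pass 2: {r['second_pass']}")
            print(f"  hidden: {r['hidden_escapes']} -> {r['revealed']}")
```

A filter that decodes only once sees no backslash in this path; the backslash exists only after the second pass, which is the mismatch the alert points at.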
