Posts

Configuring SNORT on Network using Kali Linux

What is SNORT?

Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity, uses those rules to find packets that match against them, and generates alerts for users. Snort can also be deployed inline to stop these packets. Snort has three primary uses: as a packet sniffer like tcpdump, as a packet logger, which is useful for network traffic debugging, or as a full-blown network intrusion prevention system. Snort can be downloaded and configured for personal and business use alike.

IN THIS BLOG WE WILL CONFIGURE SNORT ON LOCAL HOME NETWORK

Here I will show you how you can configure a set of rules to get an alert message from your local home network (WiFi) if someone is using YouTube or Facebook.

LET'S START:

STEP 1: Download and install SNORT in Kali Linux using the command apt install snort

STEP 2: Move to the snort directory using the command "cd /etc/...

MITM Attack using Ettercap and Packet Analyzing using Wireshark

It is an attack in computer networks where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other. It is a form of active eavesdropping in which the attacker can alter the messages in the communication, i.e., the attacker can control the entire conversation and inject new messages.

Ettercap is probably the most widely used MITM attack tool. Ettercap enables us to place ourselves in the middle between two machines. It is basically a suite of tools to simplify MITM attacks. It can be used either from the command line (CLI) or the graphical user interface (GUI). Ettercap is a GUI-based tool built into Kali Linux, and it is the tool used for the MITM attack here.

Step 1: Start ettercap by typing the following command in the terminal: kali > ettercap -G and the ettercap GUI will start as shown below. Then select the primary interface as shown below and click on start as shown above. Wait until it shows message "...