
Using Snort

Page 2 of 3

The Basics

From now on, I am going to pretentiously refer to Snort as sn0rt. This is assuming that you have successfully installed it, and Ethereal, so you can start thinking of yourself as a l337 h4x0r. (By the way, this is irony. If this is incomprehensible to you, you are still a member of the human race. There is a reasonable explanation of l33tspeak on Wikipedia.) You are supposed to use it now that you have sn0rt. Get with the program.

It's also a good idea to have a network to detect intrusion on, if you are intending network intrusion detection. Otherwise you can do it on one PC, which is a good idea anyway if you want to run it on a network in the future with some confidence about what you are doing.

I am going to assume that you can read the manual, so I am going to shortcut everything here. Open a DOS window (Run, then cmd). Navigate to the sn0rt\bin folder, then type something like:

snort -vde -i 2 -l ../log

This depends on which network card you are monitoring. (The 2 after -i refers to the card. Try out a few numbers if it doesn't work. The ../log after -l refers to the log directory, which you should have. If not, set it up in the snort folder. The ../ goes one step up the path before looking for the log folder.)

If everything is working OK, sn0rt should charge into action and start identifying the packets going through it. When you have had enough, Ctrl+C will stop it. It's probably a good idea to do this after about ten minutes to half an hour, depending on the rate of traffic, so you can see what you're getting before the files get huge. Use the Up arrow key to call back the command to run sn0rt and press Enter to start it off again.
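The "stop it before the files get huge" routine can be bounded automatically. This PowerShell script is an added example, not part of the original article: it lists the interface numbers with -W (available on Win32 builds of Snort), starts the same command as above, and stops it at a time limit or a log-size limit. The variable names and limit values are assumptions chosen for illustration.

```powershell
# Added example, not from the original article. Run from the Snort bin folder.
# Assumptions: snort.exe is in the current folder, ..\log already exists,
# and the limits below are arbitrary sample values.
$Interface  = 2       # interface number, as used with -i in the command above
$MaxMinutes = 10      # stop after this many minutes
$MaxLogMB   = 200     # or once the log folder grows past this size
$LogDir     = (Resolve-Path '..\log').Path

# Show the numbered interface list instead of guessing the number.
.\snort.exe -W

# Same switches as the manual command: -vde, -i <n>, -l <log folder>.
$snort = Start-Process -FilePath '.\snort.exe' `
    -ArgumentList '-vde', '-i', $Interface, '-l', "`"$LogDir`"" `
    -NoNewWindow -PassThru

$deadline = (Get-Date).AddMinutes($MaxMinutes)
while (-not $snort.HasExited -and (Get-Date) -lt $deadline) {
    Start-Sleep -Seconds 5
    # Total size of everything written under the log folder so far.
    $bytes = (Get-ChildItem -Path $LogDir -Recurse -File |
              Measure-Object -Property Length -Sum).Sum
    if (($bytes / 1MB) -gt $MaxLogMB) {
        Write-Host "Log folder passed $MaxLogMB MB, stopping."
        break
    }
}

# Stop-Process ends snort outright, so the summary that Ctrl+C
# normally prints on exit will not appear.
if (-not $snort.HasExited) { Stop-Process -Id $snort.Id }

# List what was captured, largest files first.
Get-ChildItem -Path $LogDir -Recurse -File |
    Sort-Object Length -Descending |
    Select-Object -First 10 FullName, Length
```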
