O'Reilly logo

Linux Networking Cookbook by Gregory Boyce

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Installing a Snort IDS

To start monitoring our network for irregular traffic, we are going to start by installing a Snort IDS. Snort is one of the oldest and most feature packed Open Source Network Intrusion Detection Systems (NIDS). It is free for use, and there is a wide collection of rules freely available for it, as well as information and support on designing your own custom checks.

How to do it…

  1. Install the snort daemon package:
    sudo apt-get install snort
    
  2. When prompted, enter the network interface which you want to monitor. For our example, we will use eth0, which on our router is the LAN port.
  3. Next, enter the network range which you consider local. We will use 10.0.0.0/24, which we previously defined as the LAN range. If desired, you can ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required