[Py] Snort IDS Script

For anyone working with Snort, it's invaluable to have an environment in which to develop and test rules. This allows you to tune rules to be as effective as possible and can also aid investigations in incident response situations. This latest blog post takes you through how to set up a test lab on an Ubuntu 18.04 analysis machine. The result is a simple script to analyse PCAPs with Snort using the Snort and Emerging Threats community rule packs. The script can be found on my GitHub:

https://github.com/mcb2Eexe/ids

Enjoy
