How to install Snort and use as Web Application Firewall!

Considering a number of attacks on web application these days, one must be pro-active in case of the security. You might already be using Web Application Firewall for your web application security including but not limited to ModSecurity. However, ModSecurity works at the application layer. That means it is installed with Web Server Software (Apache, Nginx etc). Any malicious packets…

Packet sniffing using Snort

I’ve explained in my last tutorial that how you can install snort on Ubuntu, if you have not installed it yet you can click here. In my article where I explained how to install snort, I mentioned that snort have two running modes,  today we will see how we can do packet sniffing using snort. What is packet sniffing? In…

How to install snort intrusion detection system on Ubuntu!

Snort is a signature based intrusion detection system, it either drop or accept the packets coming on a certain interface depending on the rules you have used. In a signature based intrusion detection system packets headers and their payloads are matched against specific predefined rules/strings to see if they contain a malicious content. Snort can run in two modes: Packet…