๋ณธ๋ฌธ ๋ฐ”๋กœ๊ฐ€๊ธฐ
๐Ÿ”’์ •๋ณด๋ณด์•ˆ/๋„คํŠธ์›Œํฌ ๋ณด์•ˆ

๋„คํŠธ์›Œํฌ ๋ณด์•ˆ - Snort ๋ช…๋ น์–ด ๋ชจ์Œ

by Janger 2024. 3. 17.
728x90
๋ฐ˜์‘ํ˜•

 

 

rules ๊ฒฝ๋กœ

 

ls -l /etc/snort/rules/

 

 

ICMP ๊ฐ์ง€ ๋ฃฐ

 

# vi /etc/snort/rules/local.rules

alert icmp any any -> any any (msg:"ICMP Detected";sid:1000001;)

 

 

 

Snort ์‹คํ–‰(Linux)

 

snort -c /etc/snort/rules/local.rules -i eth0

 

 

Snort ์‹คํ–‰(Windows)

 

snort -c c:\Snort\rules\local.rules -l C:\Snort\log\

 

 

๋กœ๊ทธ(alert) ํ™•์ธ

 

tail -f /var/log/snort/alert

 

 

 

์ฐธ๊ณ : 

https://net123.tistory.com/580

 

Snort - 04. Snort ๋ฃฐ ๊ตฌ์„ฑ ๋ฐ ํ…Œ์ŠคํŠธ

Snort - 04. Snort ๋ฃฐ ๊ตฌ์„ฑ ๋ฐ ํ…Œ์ŠคํŠธ 1. ICMP ๋ฃฐ ์„ค์ • ๋ฐ Snort ํ…Œ์ŠคํŠธ root@Snort:~# vi /etc/snort/rules/local.rules # $Id: local.rules,v 1.11 2004/07/23 20:15:44 bmc Exp $ # ---------------- # LOCAL RULES # ---------------- # This file intentio

net123.tistory.com

 

728x90
๋ฐ˜์‘ํ˜•

'๐Ÿ”’์ •๋ณด๋ณด์•ˆ > ๋„คํŠธ์›Œํฌ ๋ณด์•ˆ' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

๋„คํŠธ์›Œํฌ ๋ณด์•ˆ - WebRTC(IP leak issue), NAT, ICE, STUN, TURN  (1) 2024.04.05
๋„คํŠธ์›Œํฌ ๋ณด์•ˆ - NAC ์šฐํšŒ ๊ด€๋ จ Cheat Sheet  (0) 2024.03.28
๋„คํŠธ์›Œํฌ ๋ณด์•ˆ - Snort ์นผ๋ฆฌ๋ฆฌ๋ˆ…์Šค 1.0 ์„ค์น˜  (0) 2023.11.17
๋„คํŠธ์›Œํฌ ๋ณด์•ˆ - Snort ์œˆ๋„์šฐ ์„ค์น˜  (0) 2023.11.17
๋„คํŠธ์›Œํฌ ๋ณด์•ˆ - FTP ํŒจ์‹œ๋ธŒ ๋ชจ๋“œ(PASV EPSV)  (0) 2023.10.12

๊ด€๋ จ๊ธ€

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”