Description: Snort, which is a signature-based IDS, has some limitations: Snort isn't capable of detecting any attack unless that attack is maintained in its rule set. I implemented an inspector for network traffic whose purpose is to detect network scanning; this inspector is behavioral analysis-based. I have chosen to detect network scanning because it is the earliest stage in the active hacking step. If the inspector detects any network scanning, it will send an alert to the administrator who is monitoring the network on-time; the administrator then has a choice to redirect the traffic to a honeypot machine, more specifically a honeyd machine. After that the administrator can 'watch' and analyze the interaction between honeyd and the hacker. If the data being analyzed by the administrator gives an attack which is not listed in the Snort rules and the administrator wants to add this rule, he/she can use my "Snort rule generator", which is a friendly GUI, to create a new rule and then send it remotely to the Snort sensor. Feel comfortable: all communications in my project are secure, which means there are authentication, encryption, and integrity checks.
Tags: Honeypots, Snort, IDS, Network, Security, Hacking
Where can I get your "Snort rule generator"?
Peace be upon you. You can't imagine how happy I am, brother, to see a topic in Arabic here.
May God grant you success.
May I take this opportunity to ask something of you?
Could you explain Snort to us in Arabic?
May God place it in the balance of your good deeds.
Welcome i7-Cud4, Snort Rule Generator still has some bugs that need to be fixed soon, but it is still working and you can download it from here:
http://www.mediafire.com/?dneyc98qlko8dxd
3omda, and peace be upon you too, and greetings, my dear friend.
As you can see in the video presentation, Snort is a network intrusion detection system that works according to the rules stored in it. If you have any question about it, please do not hesitate.
I'm glad you stopped by.
Peace be upon you, brother. Many congratulations, and may God increase your knowledge, God willing, and onward always. The idea is very nice, and the creativity showed clearly in your use of open-source software and linking it together...
I listened to the project more than once and tried to find out how you linked the programs together, and the idea was nice. But I have a set of questions, and they are long, and I want to send them to you by email.
My regards, and may you stay well.