RESPOND TO THIS DISCUSSION POST BASED ON THE TOPIC “What issues have you experienced with performing the Snort IDS lab? What are some possible solutions to these issues? Review the snort website for additional documentation on the Snort IDS including the user manual for Snort.”
1.JP). The main issue that I had with this lab was Snort initially it not recognizing my interface properly on my Ubuntu vm. First, I had to perform an ifconfig to see what my interface was actually named and change it in snort by typing in the correct interface. Secondly, I was opening the terminal as a standard user rather than root which caused snort to encounter a fatal error when trying to verify the version of snort. I saw on the snort manual that I can create user & group permissions that will eliminate this issue. After that, I didn’t encounter any other specific issues; it is quite tedious trying to filter through the snort log since it is rather quite lengthy. I know that we can write the log and be able to search it based on Hands-On Project 8-4: Exploring Snort’s Logging Function found on pg. 298 and 299 of our course textbook.
2CL). Setup and Preprocessor errors
Some issues when installing SNORT:
-Ethernet was asked if default is eth0. Based on my slight difficulty with Wireshark during the previous lab, I had to change this to ens33
-Asked if the scope of the IP is, I just left it default and hit enter
Issues configuring SNORT:
-At first, I kept getting snort aborted because of permissions after typing “snort-V”
Turns out, I had to use sudo snort -v in order for SNORT to even launch properly.
-After that, I kept getting no preprocessor is loaded. In order to fix this, I had to search that error on Google and found the solution, which is to run snort -v -c /etc/snort/snort.conf
3AV). Snort Installation
I ran into the issue of not knowing which interface to put into Snort so it could listen in on my network activity. This came up during the installation process and after viewing the discussion board I was able to find the command I needed to determine which interface was most appropriate for my setup. I then go the “no preprocessor” error. I had to run a command to tap into the Snorth config file with a special command to help Snort run correctly. That being said, I am still exploring this particular tool in terms of the log that it generates.
Allow your discussion posts to be detailed and capable of sharing knowledge, ideas and points. You must discuss the topic using your own words first. Using your own words indicate you understand the topic of discussions. Secondly, you must cite your sources in-text. This is necessary to justify your points. Sources from several sources showed good research abilities. Lastly, you must provide references at the bottom of your post. A discussion post without justification with sources does not show proper research abilities. A terse and not detailed discussions represent post that would not provide enough sharing of knowledge or proper understanding of the topic. DO NOT just copy and paste a sentence from online with citation at the end as your own discussion. I have not asked for definitions, I asked for discussions and will not buy this. You must show understanding of the discussion topic by using your own words to describe the topic and then justify that with sources. to format references into the APA style if necessary. Extremely important. Intext citations is very essential and highly needed as well.
use double spacing, 12-point Times New Roman font, and one-inch margins. Sources should be cited according to APA citation method (citation should be relevant and current). Page-length requirements:3 PAPARAGRAPHS FOR EACH PROMPT ANSWER. Make sure you cite if you take a piece of someone’s work, very important and your reference should relate to your writing (don’t cite a reference because it relates to the course and not this very paper) at least 2 current and relevant academic references. No heavy paraphrasing of others work.