There's not enough Snort tutorials on YT, thanks for putting this out there. I would love to see a live demo of an attack taking place (real time) and the IDS/IPS vm capturing this as it goes down.
Amazing walkthrough from start to finish. Thank you for providing the documentation my man to follow along and ending the video with ideas to add onto this and expand but asking questions on what content we would like to see and the enthusiasm to create it. Hands down the cybersecurity community is very thankful to have you and as always thank you so much for what you do for the community and looking forward to more technical tool and scenario walkthroughs like these and more to come great work!
Hello, first of all, thank you for the video; it was very helpful for me. I would like to take the output from Snort and save it in JSON format. Could you please guide me on how to do this? Thank you in advance.
Server type, you can use the GUI if you are not comfortable with CLI 👍 That is what I did in the beginning until I quickly realized in the real world, everyone is using CLI which is mainly the reason why I do it this way in my videos.
Please can you help me with installing Snort 3 on Ubuntu 24.04. I am currently in the Thesis phase of my study and need Snort. The error am receiving is at the installation of the prerequisite phase. "E: unable to locate package zlib1g-dev" and also libtool and libmnl-dev. Thanks
Hii MYDFIR I have been working in supporting project nearly 2 years.Now I want to shift my career into cybersecurity. Can you suggest which cybesecurity is best I mean cloud security analyst, or network analyst or Soc analyst.plz suggest me...
Hi , i am a 63 years old and trying to learn a little bit about cyber , so i'm a newbie in this field, what i'm trying to understand about a snot how is it running ? Why i can't enable it with systemctl systemctl enable snort.service Failed to enable unit: Unit file snort.service does not exist? And how to monitor it , or i have to look everytime in snort log , how do i get an alert if something wrong ? Thank you very much.
Welcome! Snort must be installed first before you can enable its service. To monitor the alerts coming in real time, you will need to use another tool such as Splunk to alert you or sguil - hope that helps!
![SahBabii - Viking [Official Music Video]](http://i.ytimg.com/vi/D37cL92JX0I/mqdefault.jpg)
There's not enough Snort tutorials on YT, thanks for putting this out there.
I would love to see a live demo of an attack taking place (real time) and the IDS/IPS vm capturing this as it goes down.
That is a fantastic idea ❤️
Amazing walkthrough from start to finish. Thank you for providing the documentation my man to follow along and ending the video with ideas to add onto this and expand but asking questions on what content we would like to see and the enthusiasm to create it. Hands down the cybersecurity community is very thankful to have you and as always thank you so much for what you do for the community and looking forward to more technical tool and scenario walkthroughs like these and more to come great work!
Thanks Joshua! More to come for sure ❤️
Best instruction video on snort3. Thanks!
Wow, thanks!
Hi MyDFIR. This tutorial is a master class, especially for Snort 3! Simple, straight forward, and strong. Thanks
Thank you for watching ❤️
Thanks to your video I was able to finish my assignment on snort! 😭
Nice!
This is great. Could you be kind enough to prepare another video on Snort 3 IPS, especially using NFQUEUE?
Sir , defenetly we need the splunk tutorial this is so special❤
👀 thanks for watching!
Sweet this is great content!
Glad you enjoy it!
Compliment!!! Very good video!!
Thank you very much!
how can i get back my eneric-receive-offload and large-receive-offload switch on again???
Can you please make a video to integrate snort v3 to splunk as well .... thank you
Please can you provide a guide on setting rules to detect and prevent DDoS and Sql injection attacks, and storing the alert in CSV file? Thanks
Hello, first of all, thank you for the video; it was very helpful for me. I would like to take the output from Snort and save it in JSON format. Could you please guide me on how to do this? Thank you in advance.
Thanks from India.
Thanks for watching!
very detailed
Glad you think so!
im down for fowarding the logs into splunk / digest it into splunk super cool!
+1 please make it @MyDFIR
👀👀 Thanks for watching!!
i am having issues with the unzip pcap password, i typed infected but its not working
it worked, they changed the password "infected _followed by the date"
WOW, you really know your stuff.
Haha thanks! I know very little still... but I try!
Which one operation system you used on everyday tasks?
I use windows 10 for everyday tasks as it just works. If i need linux capabilities ill use WSL for it and lab stuff ill use whatever is needed
I cant get snort to create any pcap files any help?
Are you listening on the correct interface?
@@MyDFIR I have the -i set to my interface so im not sure whats going on
When you mentioned that you are using a ubuntu server, is that also the ubuntu desktop with the graphical design or the server type?
Server type, you can use the GUI if you are not comfortable with CLI 👍 That is what I did in the beginning until I quickly realized in the real world, everyone is using CLI which is mainly the reason why I do it this way in my videos.
@@MyDFIR Ah thank you, that explains it.
Please can you help me with installing Snort 3 on Ubuntu 24.04. I am currently in the Thesis phase of my study and need Snort. The error am receiving is at the installation of the prerequisite phase. "E: unable to locate package zlib1g-dev" and also libtool and libmnl-dev. Thanks
Do double check your spelling for those packages
Do you have use ubuntu distribution or can I use another like kali linux?
The list of compatible flavors are on their site, I would suggest looking into that to make sure
Can you make a video in installing OpenVas?
Great suggestion!
@@MyDFIRthank you for your knowledge
Any chance you could update this with an install for kali
It will be the same as Ubuntu server uses Debian base os and so does kali
Hii MYDFIR
I have been working in supporting project nearly 2 years.Now I want to shift my career into cybersecurity. Can you suggest which cybesecurity is best I mean cloud security analyst, or network analyst or Soc analyst.plz suggest me...
Hi yeaterday snort worked well ,today i got Analyzer: Failed to start DAQ instance
Services are running? Have you tried restarting? Try to view the logs and see if it tells you why DAQ stopped.
Thank you i will @@MyDFIR
Hi , i am a 63 years old and trying to learn a little bit about cyber , so i'm a newbie in this field, what i'm trying to understand about a snot how is it running ? Why i can't enable it with systemctl systemctl enable snort.service
Failed to enable unit: Unit file snort.service does not exist? And how to monitor it , or i have to look everytime in snort log , how do i get an alert if something wrong ? Thank you very much.
Welcome! Snort must be installed first before you can enable its service. To monitor the alerts coming in real time, you will need to use another tool such as Splunk to alert you or sguil - hope that helps!
Thank you very much!@@MyDFIR
no alert is generated ..
You could try with other PCAPs to test
Devil.