For this lab you will require at least two pcs or a computer running virtual box with two instances of a computing environment.
Links to VirtualBox : https://www.virtualbox.org/wiki/VirtualBox
https://www.virtualbox.org/manual/UserManual.html
Lab 4 (On 1 pc or instance )
- Install Snort
- Set snort to log all hits based on the rules.
- Create the rule to alert and log all traffic:
alert ip any any -> any any (msg: “IP Packet detected”; sid: 10000;)
- Ping your system either from another machine on the network of conduct a self test. All of your ping traffic should be logged.
- Check your logs under snort\logs folder
PORT SCAN
(On the PC or the instance that is not RUNNING snort)
- Install NMAP: Install for the instance or system OS that you are using:
- Conduct an port scan
- The rule that was previously created would / should also capture your port scan traffic.
Submit your log files to show you completed the assignments on blackboard. Please ensure that your logs have the following naming convention: LastName-FirstInitial-Lab4
ALL LABS WILL BE SUBMITTED IN BLACKBOARD