N/APosted on - 11/27/2013
I have installed Snort Intrusion detection system on Ubuntu virtual machine with snort rules that are freely available on snort website plus jpgraph. After installing I tested it with the Nmap using following command. nmap -A 192.168.174.131. But no records are available in JpGraph. What could be possibly went wrong ?
Snort doesn’t trigger by the port scan
To use snort an nmap you have to install them on physical operating system on real hardware and not using an virtual machine. But you do not have to perform an Linux installation. There are some live distributions that are having all the necessary pen testing tools prebuild. Look ad Knoppix-STD on Knoppix pen testing remix or Kali Linux on Kali Linux web page. Kali Linux was known before as Backtrack Linux. It is an good collection of pen testing tools.