Snort Challenge - Live Attacks

Room Link: https://tryhackme.com/room/snortchallenges2

Kali

sudo gedit /etc/snort/rules/local.rules &

local.rules

# Matches every TCP packet on any port; in inline (-Q) mode Snort drops all of it.
drop tcp any any -> any any (sid: 1000001;)

Stop the attack and get the flag (which will appear on your Desktop)

Kali

sudo snort -c /etc/snort/snort.conf -q -Q --daq afpacket -i eth0:eth1 -A full

What is the name of the service under attack?

Kali

sudo snort -c /etc/snort/snort.conf -q -Q --daq afpacket -i eth0:eth1 -A console

What is the used protocol/port in the attack?

Kali

Stop the attack and get the flag (which will appear on your Desktop)

Kali

local.rules

Kali

What is the name of the service

Kali
