Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Applied Network Security

You're reading from   Applied Network Security Proven tactics to detect and defend against all kinds of network attack

Arrow left icon
Product type Paperback
Published in Apr 2017
Publisher
ISBN-13 9781786466273
Length 350 pages
Edition 1st Edition
Arrow right icon
Authors (3):
Arrow left icon
Michael McLafferty Michael McLafferty
Author Profile Icon Michael McLafferty
Michael McLafferty
Warun Levesque Warun Levesque
Author Profile Icon Warun Levesque
Warun Levesque
Arthur Salmon Arthur Salmon
Author Profile Icon Arthur Salmon
Arthur Salmon
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. Introduction to Network Security FREE CHAPTER 2. Sniffing the Network 3. How to Crack Wi-Fi Passwords 4. Creating a RAT Using Msfvenom 5. Veil Framework 6. Social Engineering Toolkit and Browser Exploitation 7. Advanced Network Attacks 8. Passing and Cracking the Hash 9. SQL Injection 10. Scapy 11. Web Application Exploits 12. Evil Twins and Spoofing 13. Injectable Devices 14. The Internet of Things 15. Detection Systems 16. Advance Wireless Security Lab Using the Wi-Fi Pineapple Nano/Tetra 17. Offensive Security and Threat Hunting

Lab 2-create the following snort.conf and icmp.rules files

In this lab, you will create and setup configuration and rules files for Snort. These files determine how Snort will operate. After these files are in place Snort will be able to fully protect your system:

  1. Open the configuration file of Snort in a Terminal session type the following command:
      # leafpad /etc/snort/snort.conf
  1. Check the configuration file and determine if the ICMP rules are included or not. If not, include the following line:
      include /etc/snort/rules/icmp.rules
  1. Open the ICMP rules file and include the rule shown following:
      # leafpad /etc/snort/rules/icmp.rules
  1. Include the following mentioned line into icmp.rule file:
      alert icmp any any -> any any (msg:"ICMP Packet"; sid:477;
      rev:3;)
  1. Go ahead and save and close.

The preceding basic rule does alerting when there is an ICMP packet (ping...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime