Book Image

Applied Network Security

By : Arthur Salmon, Michael McLafferty, Warun Levesque
Book Image

Applied Network Security

By: Arthur Salmon, Michael McLafferty, Warun Levesque

Overview of this book

Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network. The book begins by showing you how to identify malicious network behaviour and improve your wireless security. We will teach you what network sniffing is, the various tools associated with it, and how to scan for vulnerable wireless networks. Then we’ll show you how attackers hide the payloads and bypass the victim’s antivirus. Furthermore, we’ll teach you how to spoof IP / MAC address and perform an SQL injection attack and prevent it on your website. We will create an evil twin and demonstrate how to intercept network traffic. Later, you will get familiar with Shodan and Intrusion Detection and will explore the features and tools associated with it. Toward the end, we cover tools such as Yardstick, Ubertooth, Wifi Pineapple, and Alfa used for wireless penetration testing and auditing. This book will show the tools and platform to ethically hack your own network whether it is for your business or for your personal home Wi-Fi.
Table of Contents (18 chapters)

Lab 3-execute Snort

Execute Snort from command line, as mentioned following. This activates Snort so it can start protecting your system:

# snort -c /etc/snort/snort.conf -l /var/log/snort/

Here, -c for rules file and -l for log directory.

Show log alert

The following is the example of a Snort alert for this ICMP rule:

root@vishnu:~# head /var/log/snort/alert 
[**] [1:2925:3] INFO web bug 0x0 gif attempt [**]
[Classification: Misc activity] [Priority: 3] 
12/02-17:08:40.479756 ->
TCP TTL:42 TOS:0x0 ID:14611 IpLen:20 DgmLen:265 DF
***AP*** Seq: 0x6C1242F9 Ack: 0x74B1A5FE Win: 0x2E TcpLen: 32
TCP Options (3) => NOP NOP TS: 1050377198 1186998
[**] [1:368:6] ICMP PING BSDtype [**]
[Classification: Misc activity] [Priority...