Title:
Network Intrusion Detection System Using Snort
Description:
This project demonstrates the implementation of a Network Intrusion Detection System (IDS) using Snort in a Linux environment. The system monitors network traffic and detects malicious activities such as port scanning, brute-force attacks, and suspicious HTTP requests.
The lab environment was created using VMware with two virtual machines: one attacker machine running Kali Linux and another machine running Ubuntu with Snort installed.
Key features of the project include:
- Detecting ICMP ping attacks
- Detecting port scanning attempts using Nmap
- Monitoring HTTP traffic and suspicious requests
- Creating custom Snort rules for attack detection
- Logging alerts and analyzing traffic using Wireshark
Tools used:
Snort, Kali Linux, Wireshark, VMware, Nmap
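
Example custom rules for the detections listed above, added here for illustration; they are not the project's own rules. They assume Snort 2.9 syntax, that $HOME_NET, $EXTERNAL_NET and $HTTP_PORTS are defined in snort.conf, and illustrative thresholds, SIDs, and a path-traversal pattern as the "suspicious HTTP request".

```snort
# local.rules (added example). SIDs from 1000000 upward are reserved for local rules.
# Thresholds are assumptions for a two-VM lab; tune them for real traffic.

# ICMP echo request (ping) sent to a monitored host.
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"LAB ICMP echo request"; \
    itype:8; classtype:misc-activity; sid:1000001; rev:1;)

# Nmap-style SYN scan: more than 20 bare SYN packets from one source within 5 seconds.
# flags:S,12 matches SYN only while ignoring the two reserved bits.
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"LAB possible TCP SYN port scan"; \
    flow:stateless; flags:S,12; \
    detection_filter:track by_src, count 20, seconds 5; \
    classtype:attempted-recon; sid:1000002; rev:1;)

# Brute-force pattern: more than 5 new SSH connection attempts from one source in 60 seconds.
alert tcp $EXTERNAL_NET any -> $HOME_NET 22 (msg:"LAB repeated SSH connection attempts"; \
    flow:stateless; flags:S,12; \
    detection_filter:track by_src, count 5, seconds 60; \
    classtype:attempted-admin; sid:1000003; rev:1;)

# Suspicious HTTP request: "../" in the raw (un-normalized) request URI.
# http_raw_uri is used because the normalized URI buffer collapses "../" sequences.
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"LAB HTTP URI contains ../"; \
    flow:to_server,established; content:"../"; http_raw_uri; \
    classtype:web-application-attack; sid:1000004; rev:1;)
```

Because detection_filter alerts on every matching packet once the threshold is passed, a single scan produces many alerts; validate the rule file with Snort's -T (test configuration) option before running it against live traffic.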