Snort - 01. Snort 실습 환경 구성

Snort - 01. Snort  실습 환경 구성

 

 

 

 

192.168.2.50      192.168.2.100          192.168.20.100          192.168.20.101
Kali[vm8]───────[vm8]Firewall[vm1]────┬───────[vm1]snort
                                                                      │             
                                                                      └───────[vm1]Metasploitable2-linux
                                                                               192.168.20.204

 

 

 

1. metasploitable2-Linux Root 패스워드 설정 및 네트워크 설정

 

msfadmin@metasploitable:~$ sudo passwd root
[sudo] password for msfadmin: msfadmin
Enter new UNIX password: toor
Retype new UNIX password: toor
passwd: password updated successfully

 
msfadmin@metasploitable:~$ su
Password: toor
msfadmin@metasploitable:/home/msfadmin# cd

 

msfadmin@metasploitable:~# pwd

/root

 

msfadmin@metasploitable:~#

 

msfadmin@metasploitable:~#  vi /etc/network/interfaces

auto lo iface lo inet loopback   auto eth0 iface eth0 inet static         address 192.168.20.204         network 192.168.20.0         netmask 255.255.255.0         gateway 192.168.20.100         broadcast 192.168.20.255     :wq!

 

 

msfadmin@metasploitable:~#  /etc/init.d/networking restart

 

 

2. Snort 네트워크 설정

root@Snort:~# vi /etc/network/interfaces

auto lo iface lo inet loopback   auto eth0   iface eth0 inet static         address 192.168.20.101         network 192.168.20.0         netmask 255.255.255.0         gateway 192.168.20.100         broadcast 192.168.20.255    :wq!

 

root@Snort:~# service networking restart

 

 

 

 

3. Kali 리눅스 네트워크 설정

 

root@kali:~# vi /etc/network/interfaces

auto lo iface lo inet loopback   auto eth0 eth1   iface eth0 inet static           address 192.168.2.50           network 192.168.2.0           netmask 255.255.255.0           gateway 192.168.2.254           broadcast 192.168.2.255   iface eth1 inet static           address 192.168.20.50           network 192.168.20.0           netmask 255.255.255.0           #gateway 192.168.20.100           broadcast 192.168.20.255   up route add -net 192.168.20.0 netmask 255.255.255.0 gw 192.168.2.100   :wq!

 

 

root@kali:~# service networking restart

 

 

root@kali:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.2.254   0.0.0.0         UG    0      0        0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.20.0    192.168.20.100  255.255.255.0   UG    0      0        0 eth1
192.168.20.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1

 

root@kali:~# ping 192.168.20.101 -c 1
PING 192.168.20.101 (192.168.20.101) 56(84) bytes of data.
64 bytes from 192.168.20.101: icmp_seq=1 ttl=63 time=1.03 ms

--- 192.168.20.101 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.031/1.031/1.031/0.000 ms

 

 

root@kali:~# traceroute 192.168.20.101
traceroute to 192.168.20.101 (192.168.20.101), 30 hops max, 60 byte packets
 1  192.168.2.100 (192.168.2.100)  0.458 ms  0.271 ms  0.151 ms
 2  192.168.20.101 (192.168.20.101)  1.584 ms * *

 

 

root@kali:~# ping 192.168.20.204 -c 1
PING 192.168.20.204 (192.168.20.204) 56(84) bytes of data.
64 bytes from 192.168.20.204: icmp_seq=1 ttl=63 time=0.866 ms

--- 192.168.20.204 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.866/0.866/0.866/0.000 ms

 

 

root@kali:~# traceroute 192.168.20.204
traceroute to 192.168.20.204 (192.168.20.204), 30 hops max, 60 byte packets
 1  192.168.2.100 (192.168.2.100)  0.714 ms  0.547 ms  0.366 ms
 2  192.168.20.204 (192.168.20.204)  2.688 ms * *

 

 

root@kali:~# apt-get install ftp

 

 

 

[유튜브] 동영상 강의 링크 (구독! 좋아요!!!)

 

Snort - 1. Snort 실습 환경 구성   https://youtu.be/69i3DKzZAp0