Using Snort to Detect a Brute Force Hydra Attack

Developed with
QA

Lab Steps

lock
Starting the Cyber Network Security Lab Exercise

Ready for the real environment experience?

DifficultyIntermediate
Time Limit2h
Students8

Description

pfSense is a FreeBSD based router/firewall that can be configured with various plugin modules which can enable network operations and defend a network from malicious behaviour in the form of an IDS/IPS module called Snort.

Snort monitors network traffic on the router and attempts to match behavioural patterns and signatures with a set of rules that the admin configures. The admin can use rulesets generated by various companies but they will have to pay for them; they can also use a community ruleset, which the Snort community contributes to. It is not the most robust or honed ruleset but it is free to use.

Admins can also configure custom rules if the ruleset they are employing does not alert the security team to certain attacks.

The community ruleset is still rather large, with over 1200 individual rules designed to detect malicious behaviour.

You will be conducting a dictionary attack on the Metasploitable DVWA using Hydra and Burp Suite in Kali Linux and attempting to detect it on the router using Snort and the community ruleset. You will then assess if this ruleset will catch the attack and create a custom rule if required.

This lab is part of a series on cyber network security.

Learning Objectives

Upon completion of this lab you will be able to:

  • Demonstrate to delegates how Snort, its community rule set and custom rules can be used to detect malicious behaviour on a network guarded by a pfSense router/IDS

Intended Audience

This lab is intended for:

  • Cyber and network security specialists

Prerequisites

You should possess:

  • A basic understanding of Windows operating system environments
About the Author
Students1593
Labs19
Courses15
Learning paths6

QA is the UK's biggest training provider of virtual and online classes in technology, project management and leadership.