Feb 3 · 5 min read · What we are going to discuss in this lab: In this lab, we will learn how to write custom Snort rules and test them against PCAP files to detect common real-world attacks, including: Detecting suspicious User-Agents Detecting EXE file Transfers in H...
Sep 3, 2025 · 4 min read · In this lab exercise, I will be using my knowledge of Snort as learned in the previous TryHackMe module, to write rules and apply them in order to analyse, inspect, and block network traffic. Please note, in this blog post, I will be primarily focusi...
Aug 30, 2025 · 5 min read · Hello there! And welcome to part 2 of TryHackMe’s Snort series! 4. IDS & IPS modes As mentioned in my previous post, IPS and IDS modes are Snort’s main modes. As per Snort’s definition, the system “uses a series of rules that help define malicious ne...
Aug 20, 2025 · 8 min read · I initially wanted to do a single article on TryHackMe’s first Snort room but halfway through it, I realized how long it was – so I decided to split it into two (or three) parts. Here’s the first one! Introduction In my previous article, when disc...
Mar 25, 2025 · 20 min read · Have we ever imagined how secure the data we store in the cloud is? Take OpenStack as an example of a platform that is quite popular today. With OpenStack we can build cloud-based infrastructure that is more flexible than other platforms. T...
Feb 18, 2025 · 9 min read · Introduction Continuing from the previous part on Snort IDS (Intrusion Detection System), Snort can also operate as an IPS (Intrusion Prevention System) to not only detect but also actively block network attacks in real time. In mode ...
Sep 25, 2024 · 14 min read · ℹ️ Introduction Snort is a popular open-source intrusion detection and prevention system (IDS/IPS) that helps monitor and analyze network traffic to detect suspicious activity or network attacks. Developed by Sourcefire (now part of Cisco), Sn...
Aug 8, 2024 · 33 min read · In the cloud computing era, network administration skills are invaluable. Hybrid and multi-cloud environments require traditional networking knowledge to integrate on-premises infrastructure with cloud services. Cloud networking concepts like VLANs, ...
Aug 7, 2024 · 4 min read · In the realm of network security, setting up a robust Intrusion Detection System (IDS) is crucial for monitoring and protecting your network against potential threats. In this blog post, I’ll walk you through my journey of deploying a Network Monitor...