RESPOND TO THIS DISCUSSION POST BASED ON THE TOPIC What issues have you experienced with performing the Snort IDS lab?

What are some possible solutions to these issues? Review the snort website for additional documentation on the Snort IDS including the user manual for Snort.

1.JP). The main issue that I had with this lab was Snort initially not recognizing my interface properly on my Ubuntu VM. First, I had to perform an ifconfig to see what my interface was actually named and change it in Snort by typing in the correct interface. Secondly, I was opening the terminal as a standard user rather than root, which caused Snort to encounter a fatal error when trying to verify the version of Snort. I saw in the Snort manual that I can create user & group permissions that will eliminate this issue. After that, I didn't encounter any other specific issues; it is quite tedious trying to filter through the Snort log since it is rather quite lengthy. I know that we can write the log and be able to search it based on Hands-On Project 8-4: Exploring Snort's Logging Function found on pg. 298 and 299 of our course textbook.

2CL). Setup and Preprocessor errors

Some issues when installing SNORT:
- Ethernet was asked if default is eth0. Based on my slight difficulty with Wireshark during the previous lab, I had to change this to ens33.
- Asked if the scope of the IP is 192.168.xxx.xxx, I just left it default and hit enter.

Issues configuring SNORT:
- At first, I kept getting "snort aborted" because of permissions after typing "snort -V". Turns out, I had to use sudo snort -v in order for SNORT to even launch properly.
- After that, I kept getting "no preprocessor is loaded". In order to fix this, I had to search that error on Google and found the solution, which is to run snort -v -c /etc/snort/snort.conf

3AV). Snort Installation

I ran into the issue of not knowing which interface to put into Snort so it could listen in on my network activity. This came up during the installation process, and after viewing the discussion board I was able to find the command I needed to determine which interface was most appropriate for my setup. I then got the "no preprocessor" error. I had to run a command to tap into the Snort config file with a special command to help Snort run correctly. That being said, I am still exploring this particular tool in terms of the log that it generates.
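
The three problems described in the posts above (wrong interface name, not running as root, Snort started without its configuration file) can be checked before Snort is launched. This is an added example, not part of the original posts: the function names `pick_iface` and `preflight` and the sample `ip -o link show` output are constructed for illustration, and `/etc/snort/snort.conf` is the path given in post 2.

```shell
#!/bin/sh
# Added example (not from the original posts): preflight checks for a Snort lab.

# Constructed sample of `ip -o link show` output, used so the script runs offline.
SAMPLE_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN'

# Read `ip -o link show` text on stdin and print the first interface that is
# not loopback and carries the UP flag (e.g. ens33 rather than the default eth0).
pick_iface() {
    awk -F': ' '$2 != "lo" && $3 ~ /[<,]UP[,>]/ { sub(/@.*/, "", $2); print $2; exit }'
}

# Check the conditions the posts tripped over. Prints the reason and returns:
#   1 = not root, 2 = interface does not exist, 3 = config file not readable.
# Arguments: uid, interface, config path, newline-separated interface names.
preflight() {
    uid=$1; iface=$2; conf=$3; known=$4
    [ "$uid" -eq 0 ] || { echo "not root: start Snort with sudo"; return 1; }
    printf '%s\n' "$known" | grep -qxF -- "$iface" ||
        { echo "no such interface: $iface"; return 2; }
    [ -r "$conf" ] || { echo "config not readable: $conf"; return 3; }
    echo "ok"
}

# Real use on the lab VM (commented out so nothing here starts a sniffer):
#   iface=$(ip -o link show | pick_iface)
#   preflight "$(id -u)" "$iface" /etc/snort/snort.conf "$(ls /sys/class/net)" &&
#       snort -T -c /etc/snort/snort.conf -i "$iface"   # -T: test the config, then exit
```

Running Snort with `-T` first surfaces configuration errors without capturing traffic; once it passes, the same `-c` and `-i` options can be used for the actual capture.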
