Task $01$: detecting network traffics.

To use Snort as a sniffer only, Snort sniffer mode is enabled using the $$v command line option. Other common options include $$d $($Dump packet payloads$)$ and $$e $($Display link layer data$).$

The second stage of an IDS is shallow packet inspection, where packets are filtered by header information. In sniffer mode, filters can also be specified to restrict the sniffer to certain packets, based on protocols, IP addresses, etc.

$1\mathrm{.}1$ start snort in Ubuntu machine using the command below

snort $$dev tcp port $923$

where tcp port $923$ restricts packet sniffing to packets with a TCP port $923.$

$$ Leave the Snort command running on the

$1\mathrm{.}2$ In a new terminal on the Target computer, navigate to a desired working directory $($e$.$g$.,/$home$/$user$/$workingDir$).$

$$ Run the following command to set up a listener on port $923$:

nc $-$l $-$p $923-$e $/$bin$/$sh

$$ Keep the nc command running on the Target computer.

$1\mathrm{.}3$ On the Attack computer, open or use a terminal

$$ Enter and run the following command, replacing IP address of Target Computer by the IP address of Target Computer:

telnet IP address of Target Computer $923$

$$ Run the command ls after telnet connects successfully to the target computer, $1\mathrm{.}4$ On Snort terminal use Control$-$C to stop Snort.

$$ Locate the sniffed textNote

Note: I need screen shots for each answer