This document is a twelfth lab assignment for IT 6843: Ethical Hacking, Network Security and Penetration Testing at Kennesaw State University, authored by Sai Sannihith Cheerla. It’s designed for students enrolled in the course and assesses their ability to implement and utilize a network-based intrusion detection and prevention system (IDS/IPS), specifically Snort.
This assignment is valuable for students seeking practical experience in network security. It’s completed during the course to reinforce theoretical concepts with hands-on application, preparing students for real-world ethical hacking and penetration testing scenarios. It exists as a graded component of the course, contributing to the overall assessment of student competency.
This lab assignment focuses on Snort installation, rule structure, and basic usage. It does *not* provide a comprehensive guide to all Snort features or advanced network security techniques. Students will still need to consult additional resources and develop a deeper understanding of network protocols and security principles beyond the scope of this lab.
This document provides: instructions for installing Snort on a Kali Linux virtual machine, examples of Snort rule structure, a guided exercise in modifying Snort rules to detect specific network activity (ICMP packets and web traffic), and questions to assess understanding of key concepts like network variables ($HOME_NET, $EXTERNAL_NET). It does *not* include detailed explanations of advanced Snort configuration, troubleshooting guides, or a complete list of all available Snort rules.