
TryHackMe | Snort Challenge — The Basics | WriteUp

Put your Snort skills into practice and write Snort rules to analyse live capture network traffic.

Axoloth
T3CH
5 min read · Nov 9, 2024

Find the room here: https://tryhackme.com/r/room/snortchallenges1

Task 1 Introduction

Read the task above.

No answer needed

Task 2 Writing IDS Rules (HTTP)

Navigate to the task folder.

Use the given pcap file.

Write a single rule to detect “all TCP port 80 traffic” packets in the given pcap file.

What is the number of detected packets?

Note: You must answer this question correctly before answering the rest of the questions in this task.

164

Investigate the log file.

What is the destination address of packet 63?

216.239.59.99

Investigate the log file.

What is the ACK number of packet 64?
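
An independent cross-check for the Task 2 questions, added here as an example and not part of the original write-up or the room: a small Python parser that finds the TCP packets to or from port 80 in a classic pcap and returns each match's source, destination and ACK number. The capture it runs on is constructed inline (documentation addresses, made-up ACK values), the function names are this example's own, and matches are assumed to be numbered in capture order.

```python
import socket
import struct

def port80_packets(pcap: bytes, port: int = 80):
    """(src, dst, ack) for each Ethernet/IPv4/TCP packet to or from `port`."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic microsecond pcap (pcapng is not handled)")
    endian = "<" if magic == 0xA1B2C3D4 else ">"
    hits, off = [], 24                       # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                         # not IPv4 over Ethernet
        ihl = (frame[14] & 0x0F) * 4
        frag_off = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        if frame[23] != 6 or frag_off or len(frame) < 14 + ihl + 12:
            continue                         # not TCP, later fragment, or truncated
        sport, dport, _seq, ack = struct.unpack("!HHII", frame[14 + ihl:26 + ihl])
        if port in (sport, dport):           # either direction, like `<>` in a rule
            hits.append((socket.inet_ntoa(frame[26:30]),
                         socket.inet_ntoa(frame[30:34]), ack))
    return hits

def sample_frame(src, dst, sport, dport, ack, proto=6):
    """Constructed 54-byte frame: Ethernet + 20-byte IPv4 + 20-byte TCP-shaped header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, ack, 0x50, 0x10, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + l4

def build_sample():
    """Constructed capture: two port-80 TCP packets, one TCP/443, one UDP to port 80."""
    frames = [
        sample_frame("192.0.2.10", "198.51.100.7", 49152, 80, 1001),
        sample_frame("198.51.100.7", "192.0.2.10", 80, 49152, 2002),
        sample_frame("192.0.2.10", "198.51.100.7", 49153, 443, 3003),
        sample_frame("192.0.2.10", "198.51.100.7", 5353, 80, 0, proto=17),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    hits = port80_packets(build_sample())
    print(len(hits), "matching packets; second match:", hits[1])
```

Run against the room's capture, `len(hits)` can be compared with the packet count Snort reports for the port-80 rule.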
