Hi guys, I tried to add another network interface in order to bridge it to LAN. I tried to do it on virtualbox vm settings and when i did vagrant up after that, there was no bridged interface. Can anyone help me on this?
On Sun, Oct 22, 2017 at 11:44 AM, Syed Hammad Tahir <mscs16...@itu.edu.pk> wrote: > Ok, thankyou. I will let you know once I make snort sniff the traffic in > the given configuration, might be helpful for others. I will then try to do > that kafka topic and will ask if any help is needed. > > On Sun, Oct 22, 2017 at 6:10 AM, Laurens Vets <laur...@daemon.be> wrote: > >> Hi Syed, >> >> See inline. >> >> On 2017-10-20 00:32, Syed Hammad Tahir wrote: >> >>> I have installed the snort manually. Now I need help with : >>> >>> 1- Capturing the data of my lan and dumping it via snort :Snort cant see >>> the traffic outside vagrant vm, how do I make it see that traffic? >>> >> >> To be honest, configuring Snort to work on your LAN is out of scope of >> the project. Have a look at the documentation at https://www.snort.org/. >> You will probably have to add a 2nd network interface bridged to your LAN >> in promiscuous mode. Additionally, I think most of us expect some basic >> Linux & network administration knowledge when using Metron. >> >> 2- Making a kafka topic to push those saved logs in metron for >>> preprocessing >>> >> >> Have a look at the Metron documentation at https://metron.apache.org/curr >> ent-book/index.html. Adding a new sensor in the Metron UI will create >> the Kafka iirc. >> >> 3- Applying a basic Machine learning algorithm on the captured data. >>> >> >> I can't help you with this :) >> > >
