I'd got the same problem with the questions that you didn't found, and I really entered to this video trying to found the answers. Finally i found that the mode that works similar to NIPS is "NBA" (Network Behaviour Analysis), and the kind of NIPS that it is is "full-blown". Hope it will help!
@MFmyk3 Жыл бұрын
thank you for explaining this. Been going through the SOC pathway and snort has completely stumped me by not fully explaining the contents of the output it gives (might as well be hieroglyphs lol) . Your teaching and break down of the concepts were super helpful in learning the fundamentals of it.
@MFmyk3 Жыл бұрын
Is it possible to share your notes you keep referencing in the video?
@MotasemHamdan Жыл бұрын
Thank you for the remarks. The notes are part of the third tier of the channel membership@@MFmyk3
@gabrieltorres6881 Жыл бұрын
Thanks!
@MotasemHamdan Жыл бұрын
Thank you Gabriel.
@chicaomassari2 жыл бұрын
According to the official description of the snort, what kind of NIPS is it? full-blown
@assassino6892 жыл бұрын
As usual, the greates professor! Thanks Motasem!
@wabisabi846 ай бұрын
I'm sharing my experience here, hopefully, it helps others. I initially missed a key step in Task 8: Operation Mode4 - PCAP Investigations. There are multiple ways to get to point B but I choose the following path: Mr. Hamdan provided a helpful bash command to locate the relevant file: find . -name "icmp-test.pcap". After accessing the directory, I used the command while directory Task 8: snort -r icmp-test.pcap and had no problems moving to the next step. Thank you Mr. Hamdan
@cloudhobbyist2 жыл бұрын
3rd to last question in task 4 is "full-blown". It is listed in the description of snort under the blue highlighted letters section.
@deicyricks17002 жыл бұрын
OMG!!!!! Thank you so much ! I feel less than dumb ! I spent a significant amount of time on that freaking question !!!!!!!
@selena40722 жыл бұрын
how did u get the traffic generator installed ?
@MG-bm5oj Жыл бұрын
Great job mate. I think this channel is underrated. I have a question. I watched on this video that you are using obsidian. Are you sharing with the comunity your notes or they are private?
@MotasemHamdan Жыл бұрын
Hello, you can subscribe to the channel membership tier 2 to get access to all the notes, link below kzbin.info/door/NSdU_1ehXtGclimTVckHmQjoin Or if you are interested in one subject among the others, you can pay for one time. The notes that are available for one time purchase can be found below motasem-notes.net/
@johnvardy95597 ай бұрын
what a teacher.really i learn a lot of you.
@rabahkhiari862111 ай бұрын
thanksssssss its a clear video and Very helpful and easy english that help me understand without having fluent english
@ЮрійМинаш Жыл бұрын
You are the best in explaining things Motasem , thanks a lot !
@viorage22932 жыл бұрын
I was messing with step 9, question 1, forever and thought I was failing. However, it was because I didn't realize the alert file being made :) Great vid.
@hurrenbardinas4909 ай бұрын
Great content. Please share your entire notes with me, focusing on the sudo command.
@techskyrocket4101 Жыл бұрын
Can I ask what the notepad are you using? I want to put notes in somewhere and looking for suitable note pad.
@FunnyAnimals-ko8zz Жыл бұрын
The same question :) can you find an answer ?
@techskyrocket4101 Жыл бұрын
@@FunnyAnimals-ko8zz it's obsidian ;)
@FunnyAnimals-ko8zz Жыл бұрын
@@techskyrocket4101 Thanks Bro :)
@JohnFider4 ай бұрын
This has been so helpful! Thank you!
@isaacringling3823 Жыл бұрын
very helpful to follow along with at every spot I got stuck in the snort room. Thank you!
@SandeepKumar-zb5uf Жыл бұрын
Thank you so much @Motasem for creating this awesome video on Snort. It was really helpfull and informative from starting to end. I liked the way of your explaining the concepts or points in details with easy explanations. Again appreciated the hard work you put in this video :)
@elisehackmann-tf6xg Жыл бұрын
Very well organized and well explained! thank you ! that was really helpful
@SaitejaG-h6h9 ай бұрын
I was able to complete the task cuz of this video! Super clear :) Thanks much
@samas69420 Жыл бұрын
what kind of packets are the ones you see in sniffer mode at 21:35?
@johnvardy9559 Жыл бұрын
heeeyy mohamed great Containt.Please which tool has been used to keep documentation?
@MotasemHamdan Жыл бұрын
Heey, Its Obsidian.
@johnvardy9559 Жыл бұрын
@@MotasemHamdan between Soc analyst or Cloud what do you think?
@yousef_alshiekh165010 ай бұрын
hello motasem ty so much for your effort, i have 1 question ,where can I have or buy your notepad library?
@MotasemHamdan10 ай бұрын
Hello, you can subscribe to the channel membership tier 2 to get access to all the notes, link below kzbin.info/door/NSdU_1ehXtGclimTVckHmQjoin Or if you are interested in one subject among the others, you can pay for one time. The notes that are available for one time purchase can be found below motasem-notes.net/
@yousef_alshiekh165010 ай бұрын
Tysm@@MotasemHamdan
@SyedaNidaHassan10 ай бұрын
Superb! Very well organised and well explained. Can you sahre your notes please.
@MotasemHamdan10 ай бұрын
Hello, you can subscribe to the channel membership tier 2 to get access to all the notes, link below kzbin.info/door/NSdU_1ehXtGclimTVckHmQjoin Or if you are interested in one subject among the others, you can pay for one time. The notes that are available for one time purchase can be found below motasem-notes.net/
@tradesmenlife9 ай бұрын
NBA and full-blown, thanks for this video, this snort was so complicated, they really need some gui platform
@AlHoussemАй бұрын
Nice Tutorial, many thanks
@jamilshekinski11 ай бұрын
1:20:15 - Network Behaviour Analysis - NBA. The second one is - full-blown.
@DANIEL-p6b3x3 ай бұрын
thank you for these video. they have been helpful. i am interested in your 974 page notes so it helps with easy referencing. does the package (priced at 34 dollars) contain the notes covering all your videos?thanks
@MotasemHamdan3 ай бұрын
Hello, did you mean the blue team notes?
@ian2301872 жыл бұрын
Hi Motasem, For 9.4 , same ip question, when I used the protocol as ip, I got the answer as 13.. Just wanted to confirm the reason behind using tcp and udp and also just to update changes to rev field are not needed
@anoopvijayan15652 жыл бұрын
bro first you should remove the alert message that is generated as a result of the previous using the command "sudo rm -r alert". then open the local rule and add the tcp and udp rule as same as what Mr.Motasem Hamdan showed in this tutorial. Then you again run the rule. Then after you will get the answer 10.
@Im-coming-in-20304 ай бұрын
Which snort mode works similar to NIPS mode? is a bhhaviour-based intrusion nba
@roadragedrivers-pz6el9 ай бұрын
Thank you, this section was very complicated
@MG-bm5oj Жыл бұрын
I have everything set up. Snort trigger an alert when I ping the pc where it is installed. The problem is when I do a ping to another PC within my network, Snort doesnt detect it. I have my network card in promisc mode. Any idea why is this happening?
@dukenorris72 жыл бұрын
What is the notebook you are using? I really like the way it tree's out. I am just using onenote.
@mhmdmhidat2953 Жыл бұрын
Great video, the room is vet long and a bit boring, your videos add enthusiasm
@deems471611 ай бұрын
Thank you for sharing this video, but i have question. i have pcaps file and i want command to i see traffic and some Alerts
@anoopvijayan15652 жыл бұрын
A clear video tutorial. Very helpful to tryhackme beginners. Thanks professor.😊😊
@adnannazir705611 ай бұрын
which app do you use for storing notes
@MotasemHamdan11 ай бұрын
Obsidian
@selena40722 жыл бұрын
are your snort notes with the specific commands and explain what the commands do available online?
@thepuldarshana9056 Жыл бұрын
Can you please install and configure on windows server?
@Messi-n2u20 күн бұрын
Sir task 3 answer 5 is NBA ❤ And thankyou so much sir 🙏🙏
@MotasemHamdan20 күн бұрын
Thank you too !
@BrokenBrainOfficial Жыл бұрын
could you please provide a link to your notes? that would be helpful
@TorgnyHolmlund2 жыл бұрын
Which snort mode works similar to NIPS mode? NBA According to the official description of the snort, what kind of NIPS is it? full-blown
@reels_shortt2 жыл бұрын
What is the name of the application in the taskbar marked with the letter s
@GOODBOY-vt1cf7 ай бұрын
19:45
@CreepyGRC2 жыл бұрын
Thank you Motasem, that task 7 question though. haha
@naijaguy1836 Жыл бұрын
Thanks again another awesome video
@zero-ib1jd10 ай бұрын
Great video thanks!
@TheUnchartedTrail2 жыл бұрын
NBA training period is also known as ..? Test the current instance with "/etc/snort/snort.conf" file and check how many rules are loaded with the current build. ?
Could you please specify at which minute:second in the video?
@zarandiatada Жыл бұрын
34:22 sudo snort -dev - K ASCII -l . @@MotasemHamdan your explanation is very nice man,god bless you,thank you.
@hetpatel93699 ай бұрын
can you provide the access to your notes?
@MotasemHamdan9 ай бұрын
Once you are subscribed to channel membership, you wil able to access sys admin notes for Linux and Windows. You can also subscribe from here www.buymeacoffee.com/notescatalog/membership
@chicaomassari2 жыл бұрын
Which snort mode works similar to NIPS mode? NBA
@abdoal-saidi37352 жыл бұрын
full-blown - baselining
@memepasmal778 ай бұрын
Thank you Sir !
@jamilshekinski Жыл бұрын
Thank You habibi!!
@mccrory2 жыл бұрын
Are you sharing your notes that you have saved?
@mccrory2 жыл бұрын
i mean your notes library?
@MotasemHamdan2 жыл бұрын
Hello, online access to notes is part of channel membership kzbin.info/door/NSdU_1ehXtGclimTVckHmQjoin
@ruffajne3 ай бұрын
what is rm?
@MotasemHamdan3 ай бұрын
Tool in Linux to remove files.
@huuloc87192 жыл бұрын
Thank you so much.
@0mayhem2 жыл бұрын
Could anybody help me with the Task 4 Question 1 is the only question I'm missing, tried a lot of combinations with -V but no success
@VeNoM____2 жыл бұрын
Answer: 149, type sudo snort -v
@0mayhem2 жыл бұрын
@@VeNoM____ thanks bro!!
@manuelchacon6298 Жыл бұрын
Good course , but the audio level is really low.
@amjadalbalwy51802 жыл бұрын
how can I block vpn packets mr?
@abdelrahmanbadie4104 ай бұрын
the answer of first one is NBA and the second is full-blown
@naijaguy1836 Жыл бұрын
According to the official description of the snort, what kind of NIPS is it -> full-blown😉
@aytenchelebili22132 жыл бұрын
thanks for video
@efeminihamilton76452 жыл бұрын
Two missing answers are NBA and full-blown
@alanchichilla2 жыл бұрын
Great video but dude turn off that alert noises that come up throughout the entire video. It scared me to death!
@jaxson82622 жыл бұрын
it is NBA
@mutezgannam Жыл бұрын
NPA , full-blown
@martx00132 жыл бұрын
❤
@msarwar3934 Жыл бұрын
Hi Motasem, v lovely videos and explanations thank u. I would like to connect with you regarding some 1:1 coaching for blue team studies. Kindly let me know ur email/id etc or whatsapp plz Thank u 🙏🏾