Hi, how is it going?

I'm not sure if I can post this here, but I'm certain you guys can help. I'm taking this quick linux security course ( 6 weeks ) which is part of a cyber security master program. The course is very stressing as i'm new to linux (the CLI specially) and the requirements for it are too much(HW, labs, quizzes...etc). The course first introduces you to linux and then add some security into the mix. Anyways, we learned about the basic commands and I can say that I'm familiar with it now.

There is a project that you need to do at the end (You will be given two weeks), which you will have to present, demo, and submit a written report about. I just want you to suggest me some simple projects. I was looking for ideas in google, but it was hard to find something simple enough to be suitable for a 6 weeks linux course. Most require you to be very familiar with linux and have some good background in networking/security.

One thing I found to be appropriate was to maybe learn about snort, then configure it in a way so that you can pass a certain penetration test. Do you think this will be a good idea?

Of course it is going to be better if the project can be useful in some way or another. Something to learn with and maybe use later.

I'll provide more course details if necessary.

I'm using: Fedora, Ubunto, Kali linux

Any comments are appreciated.

You could learn a lot by running wireshark on your (networked) computer.
Perhaps look at what ping is able to do with some deliberately nasty parameters.

How about analyzing network activity on network (say a business or school) for suspicious activity (LAN & WAN) out of normal working hours to detect malware?

Thanks for your quick replies.

I talked to the instructor and he liked the snort idea. I'll be alone on this project. If I decide to go with snort, you think this will be a good place to seek help? I'm sure I'll have many many questions, and sometimes I'll need answers quickly because time is short. Are there many snort users/experts and Kali linux here?


What do you think?

Yes, you can always tell me to get help from the instructor but it is not that easy with the big number of students and inappropriate office hours(for me).


Thanks

If you need help in a hurry, definitely start with google; there's plenty of stuff about snort.
Definitely bookmark the home page https://www.snort.org/ and do some serious reading.
The main thing is also not to be afraid of just trying stuff - much faster than asking.

I'm little worried because of time constraints. That's why I want somebody who can always provide me with the appropriate answer.


I actually installed snort in one of my fedora virtual machines. It ran and just kept running without really realizing what is going on. So my first question would be:

How do you actually configure snort? You run the command with a specific switch so that you can configure it?

It is something like this that is worrying me....

Hopefully I'll manage

Try Google.