WhiteHatCyberus / SNORT-GUI

SNORT GUI: Your very own trusted blueteam forensic companion for SNORT IDS. OPTIMIZED, SECURE AND ABSOLUTELY FREE!

Home Page: https://whitehatcyberus.github.io/SNORT-GUI/


SNORT GUI Python-tkinter

Warning: This application was completed as of May 2023; further updates are discontinued and it bears no warranty in the future. As of May 2023, the application runs optimally, keeping in mind the security and complexity of current real-world network scenarios. Usage of this application for commercial or educational purposes requires scrutiny by network administrative personnel. Any loss of data or damage to configuration is at the user's discretion.

About

An actively developed blue team application for SNORT, a popular Intrusion Detection/Prevention System, intended for forensics, incident handling and analysis of network abnormalities.

Table of Contents

  1. Research Architecture
  2. SNORT GUI v3
  3. Connect with Me
  4. Credits

Research Architecture


SNORT GUI v3

STATUS: ✔️

The SNORT GUI main program consists of:

  • SNORT Rule Generator: Open, Write, Save .rules files - Pre-incident/Preparation
  • Open Configuration Files: Manually Open .conf and .rules files - Pre-incident/Preparation
  • Alert Log Analyzer: Analyzes SNORT alerts and distinguishes them by protocol and port for ease of documentation in cyberforensics - Post-incident/Forensic Analysis
  • Run SNORT: Runs the SNORT application in Intrusion Detection System Mode.
snort -A console -A fast -q -i <network_interface> -c <configuration_file> -l <log_folderpath>
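As an added example (not code from the SNORT GUI project), the following Python parses Snort's fast-format alert lines (the output produced by -A fast above) and groups them by protocol and destination port, the way the Alert Log Analyzer separates alerts for documentation. The sample log lines are constructed, and the parser assumes IPv4 addresses.

```python
import re
from collections import Counter

# One line of Snort's "fast" alert format (-A fast), IPv4 only (an assumption of
# this example): timestamp, [gid:sid:rev], message, optional classification,
# priority, {PROTO}, src[:port] -> dst[:port]. ICMP alerts carry no ports.
FAST_ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>[A-Za-z0-9]+)\}\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})(?::(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})(?::(?P<dport>\d+))?\s*$"
)

def parse_fast_alert(line):
    """Return the alert fields as a dict, or None if the line is not a fast alert."""
    m = FAST_ALERT_RE.match(line)
    if not m:
        return None
    a = m.groupdict()
    for key in ("gid", "sid", "rev", "prio", "sport", "dport"):
        a[key] = int(a[key]) if a[key] is not None else None
    return a

def summarize(log_text):
    """Count alerts per protocol and per (protocol, destination port).
    Unparseable lines are kept aside so a forensic report can show what was skipped."""
    by_proto, by_dport, malformed = Counter(), Counter(), []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        a = parse_fast_alert(line)
        if a is None:
            malformed.append(line)
            continue
        by_proto[a["proto"]] += 1
        if a["dport"] is not None:  # portless alerts (ICMP) only count toward by_proto
            by_dport[(a["proto"], a["dport"])] += 1
    return {"by_proto": by_proto, "by_dport": by_dport, "malformed": malformed}

# Constructed sample alert lines (not real traffic); RFC 1918 and TEST-NET addresses.
SAMPLE_LOG = """\
05/09-14:23:01.123456  [**] [1:1000001:1] ICMP echo to gateway [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.168.1.10 -> 192.168.1.1
05/09-14:23:05.654321  [**] [1:1000002:2] Inbound SSH connection [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.7:51234 -> 192.168.1.10:22
05/09-14:23:07.000001  [**] [1:1000002:2] Inbound SSH connection [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.7:51235 -> 192.168.1.10:22
05/09-14:23:09.500000  [**] [1:1000003:1] DNS query to non-local resolver [**] [Priority: 3] {UDP} 192.168.1.10:40000 -> 198.51.100.53:53
this line is not a snort alert and is reported rather than silently dropped
"""

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print("by protocol:", dict(report["by_proto"]))
    print("by dst port:", dict(report["by_dport"]))
    print("malformed lines:", len(report["malformed"]))
```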

‼️ Help: covers snort-gui documentation and usage, simulation guides, walkthroughs, snort rule formulation, basic attack and mitigation walkthroughs.

Pre-requisite

  1. A Linux distro that has snort installed (preferably Ubuntu).

Download

  1. Download the latest snortgui-ENTERPRISE.zip release (tag: v3) available in the "Releases" tab.
  2. Alternatively, download via Git, and navigate to "snort/snortgui/" for application files.

Note: If you opt for method 2, rename the resources folder to .resources.

Installation

  1. For first-time installation, run:
sudo python3 installer.py

Figure 1.1: Terms and Conditions

Figure 1.2: Installing resources

  2. After installation, you can launch the application by running:
sudo python3 snortgui.py

Figure 2.1: SNORT GUI main menu

Figure 2.2: Rule Generator GUI

Figure 2.3: Log Analyzer Tool

  3. Run SNORT IDS:

Figure 3.1: Configuring SNORT

Figure 3.2: Running SNORT

Note: SNORT GUI v3 features security patches and bug fixes, with a help and support centre to explain snort-gui usage. Make sure you download the latest stable release of snortgui-ENTERPRISE.zip (tag: v3) to run the application hassle-free.

Connect with me

Credits

Thank you ChrisJD20 for your preliminary contribution to the snort rule generator.


License: MIT License
