How I Detected a Network Attack Using Snort (Step-by-Step)
📰 Medium · Cybersecurity
Detect network attacks using Snort by setting up a lab environment, configuring rules, and analyzing alerts
Action Steps
- Set up a controlled lab environment using virtual machines
- Configure Snort rules to detect reconnaissance attacks
- Run a network security simulation to test Snort's detection capabilities
- Analyze Snort alerts to identify potential security threats
- Configure and tune Snort rules for improved detection accuracy
Who Needs to Know This
Security teams and network administrators can benefit from this step-by-step guide to detect network attacks using Snort, improving their incident response and network security
Key Insight
💡 Snort can be used to detect network attacks by setting up a lab environment, configuring rules, and analyzing alerts
Share This
Detect network attacks with Snort!
Key Takeaways
Detect network attacks using Snort by setting up a lab environment, configuring rules, and analyzing alerts
Full Article
Title: How I Detected a Network Attack Using Snort (Step-by-Step)
URL Source: https://medium.com/@dafadwiputra296/how-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f?source=rss------cybersecurity-5
Published Time: 2026-04-21T08:03:20Z
Markdown Content:
# How I Detected a Network Attack Using Snort (Step-by-Step) | by Dafa Dwi Putra | Apr, 2026 | Medium
[Sitemap](https://medium.com/sitemap/sitemap.xml)
[Open in app](https://play.google.com/store/apps/details?id=com.medium.reader&referrer=utm_source%3DmobileNavBar&source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)
[](https://medium.com/?source=post_page---top_nav_layout_nav-----------------------------------------)
Get app
[Write](https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---top_nav_layout_nav-----------------------new_post_topnav------------------)
[Search](https://medium.com/search?source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)

# How I Detected a Network Attack Using Snort (Step-by-Step)
[](https://medium.com/@dafadwiputra296?source=post_page---byline--66f3ba0ca18f---------------------------------------)
[Dafa Dwi Putra](https://medium.com/@dafadwiputra296?source=post_page---byline--66f3ba0ca18f---------------------------------------)
5 min read
·
Just now
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F66f3ba0ca18f&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&user=Dafa+Dwi+Putra&userId=899939529abf&source=---header_actions--66f3ba0ca18f---------------------clap_footer------------------)
--
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F66f3ba0ca18f&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&source=---header_actions--66f3ba0ca18f---------------------bookmark_footer------------------)
[Listen](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3D66f3ba0ca18f&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&source=---header_actions--66f3ba0ca18f---------------------post_audio_button------------------)
Share
Before any cyber attack actually happens, there is usually a silent phase called **reconnaissance**.
This is where an attacker tries to gather as much information as possible about the target system such as open ports, running services, and potential vulnerabilities. Even though it looks harmless, this phase is **very important** because it determines how the next attack will be executed.
In this project, a network security simulation was conducted to understand how reconnaissance attacks work and how they can be detected using Snort. The experiment began by setting up a controlled lab environment using two virtual machines. One machine, running Kali Linux, was configured as the attacker, while another machine running Ubuntu was used as the target system a
URL Source: https://medium.com/@dafadwiputra296/how-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f?source=rss------cybersecurity-5
Published Time: 2026-04-21T08:03:20Z
Markdown Content:
# How I Detected a Network Attack Using Snort (Step-by-Step) | by Dafa Dwi Putra | Apr, 2026 | Medium
[Sitemap](https://medium.com/sitemap/sitemap.xml)
[Open in app](https://play.google.com/store/apps/details?id=com.medium.reader&referrer=utm_source%3DmobileNavBar&source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)
[](https://medium.com/?source=post_page---top_nav_layout_nav-----------------------------------------)
Get app
[Write](https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---top_nav_layout_nav-----------------------new_post_topnav------------------)
[Search](https://medium.com/search?source=post_page---top_nav_layout_nav-----------------------------------------)
Sign up
[Sign in](https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&source=post_page---top_nav_layout_nav-----------------------global_nav------------------)

# How I Detected a Network Attack Using Snort (Step-by-Step)
[](https://medium.com/@dafadwiputra296?source=post_page---byline--66f3ba0ca18f---------------------------------------)
[Dafa Dwi Putra](https://medium.com/@dafadwiputra296?source=post_page---byline--66f3ba0ca18f---------------------------------------)
5 min read
·
Just now
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fp%2F66f3ba0ca18f&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&user=Dafa+Dwi+Putra&userId=899939529abf&source=---header_actions--66f3ba0ca18f---------------------clap_footer------------------)
--
[](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F66f3ba0ca18f&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&source=---header_actions--66f3ba0ca18f---------------------bookmark_footer------------------)
[Listen](https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3D66f3ba0ca18f&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40dafadwiputra296%2Fhow-i-detected-a-network-attack-using-snort-step-by-step-66f3ba0ca18f&source=---header_actions--66f3ba0ca18f---------------------post_audio_button------------------)
Share
Before any cyber attack actually happens, there is usually a silent phase called **reconnaissance**.
This is where an attacker tries to gather as much information as possible about the target system such as open ports, running services, and potential vulnerabilities. Even though it looks harmless, this phase is **very important** because it determines how the next attack will be executed.
In this project, a network security simulation was conducted to understand how reconnaissance attacks work and how they can be detected using Snort. The experiment began by setting up a controlled lab environment using two virtual machines. One machine, running Kali Linux, was configured as the attacker, while another machine running Ubuntu was used as the target system a
DeepCamp AI