Posts

Showing posts from October, 2025

Practical IDS Lab (SNORT)

Detecting Network Intrusions with Snort in My Home Lab

In this project, I built a practical Intrusion Detection System (IDS) lab using Snort, an open-source Network Intrusion Detection System widely used by security analysts. The lab environment included an Ubuntu VM running Snort, a Kali Linux VM acting as the attacker machine, and a Metasploitable 2 VM as the intentionally vulnerable target. The goal of this project was to simulate basic attacks such as ICMP pings and Nmap SYN scans, detect them using custom Snort rules, and document the alerts for portfolio demonstration.

Lab Topology & Overview

The virtual lab was set up on an isolated internal/host-only network to ensure all testing remained safely contained. The environment consisted of:

• Ubuntu (Snort IDS) — Used to install and run Snort, monitor traffic, and store alert logs.
• Kali Linux — Used as the attacker machine to generate pings, port scans, and reconnaissance traffic.
• Metasploitable 2 — S...