Merge branch 'stretch_kde_update' of https://github.com/cliffe/SecGen into stretch_kde_update

Z. Cliffe Schreuders
2018-11-09 15:03:07 +00:00
2 changed files with 4 additions and 6 deletions

@@ -48,15 +48,13 @@ sudo vi /etc/snort/snort.conf
==Add the following line:==
`output alert_fast`
==Create a new rules file:==
Let us edit the local rules file without sudo:
==Let us edit the local rules file without sudo:==
```bash
sudo chown <%= $main_user %> /etc/snort/rules/local.rules
```
==Change Snort's interface== to the interface with IP address <%= $ids_server_ip %> (likely eth1), and set the local network to your IP address range (or "any"):
==Change Snort's interface== to the interface with IP address <%= $ids_server_ip %> (likely changing eth0 to ens3), and set the local network to your IP address range (or "any"):
```bash
sudo vi /etc/snort/snort.debian.conf
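Review bot: the reworded interface line ("likely changing eth0 to ens3") still leaves the reader guessing the interface name. The sentence already identifies the interface by its address <%= $ids_server_ip %>, so tell the reader to list the interfaces (for example with `ip a`) and use whichever one carries that address, keeping ens3 only as the expected value. Separately, the newly highlighted "==Let us edit the local rules file without sudo:==" now sits directly under "==Create a new rules file:==", so two action markers precede a single `chown` that creates nothing; merge them into one step. It is also worth a sentence saying that the ownership change lets anything running as <%= $main_user %> rewrite the IDS rules, and that this is a lab convenience.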
@@ -74,4 +72,4 @@ sudo service snort start
Snort should now be running, monitoring network traffic for activity.
It can be helpful to monitor network traffic while writing IDS rules. You can start Wireshark with `kdesudo wireshark &`
It can be helpful to monitor network traffic while writing IDS rules. You can start Wireshark with `kdesudo wireshark`
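Review bot: with the trailing `&` dropped from `kdesudo wireshark`, the command now runs in the foreground and holds the terminal until Wireshark is closed. The surrounding text has the reader editing rules and restarting Snort from a shell, so add a note to start Wireshark from a separate terminal tab, or say why the background form was removed.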

@@ -46,7 +46,7 @@ Note that in Wireshark you can view individual packets, including IP and TCP hea
==Start Wireshark:==
```bash
kdesudo wireshark &
kdesudo wireshark
```
> For this exercise you can ignore the warnings about running Wireshark as root, or read online to learn to use setcap to grant Wireshark more specific privileges.
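Review bot: the "Start Wireshark" block still launches the whole GUI as root through `kdesudo`, and the quoted note under it only mentions setcap in passing. Since this command is being touched anyway, consider making the note concrete: state that the privilege is needed only for packet capture, and that the setcap route grants capture capabilities to the capture helper so that the dissectors parsing untrusted traffic do not run as root. The `&` removal matches the change in the other file and has the same effect here: the terminal stays blocked while Wireshark is open, which the instructions should mention.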