Detecting Nmap Scans with Snort

I used an Ubuntu 16.04 server.

Find IP Address and Subnet

Execute this command: 
ip addr show
Note the interface name and subnet identifier, as outlined in red in the image below.

Install Snort

Execute these commands: 
sudo apt update
sudo apt install snort -y
A "Configuring snort" page appears, as shown below. Press Enter.

On the next page, enter the correct interface name, as shown below.

Press Tab to highlight OK and press Enter.

On the next page, enter the correct address range, as shown below.

Press Tab to highlight OK and press Enter.

The first two screens appear again. Just select OK and press Enter twice.

Starting Snort in IDS Mode

Execute this command: 
sudo snort -A console -q -u snort -g snort -c /etc/snort/snort.conf -i ens33
Leave this window open.

Scanning the Ubuntu Machine

From some other machine, scan the Ubuntu machine with Nmap. Use the "-A" switch to run all advanced scans.

The Nmap scan should be detected, as shown below.