Summary.md

In this lab, we performed an RCE attack by exploiting Samba. The attack involved sending a malicious payload to the victim’s machine. The ports that were targeted were ports 139 and 445. The attack allowed us to gain root access to the victim’s computer and execute commands as them. We used the victim’s computer and investigated it after the attack to get information about the attack. In the second part of the lab, we deployed and used Suricata (an IDS/IPS) to create a rule, so our system alerts us when an RCE attack is run on the victim's machine. We used Wireshark to analyze the payload. Using Wireshark, we also created a regex command to identify the RCE attack.