Network Intrusion Detection with Suricata
16.7K views - 2 years ago
Network intrusion detection alerts you to suspicious traffic within your network that may indicate a security breach, policy violation, or insecure software. Suricata is a popular open-source network intrusion detection system (NIDS) that can also be used for network intrusion prevention (NIPS) and is used in a number of commercial cybersecurity products.
In this video I'll show you how to install Suricata on Ubuntu or Rocky Linux*, perform basic configuration, and tweak the rulesets to successfully identify malicious activity whilst minimising false positive alerts.
*Rocky's instructions also apply to AlmaLinux, Red Hat Enterprise Linux, Oracle Linux, and CentOS.
Follow-Up: Visualise Suricata Data
📽️ Visualising Network Threats
🌐 Suricata Website
https://suricata.io/
📖 Suricata Documentation
https://suricata.readthedocs.io/en/la...
🌐 testmynids.org GitHub
https://github.com/3CORESec/testmynid...
💬 Follow Me
Twitter: AndrewMRQuinn
Video timestamps:
0:00 - Introduction
0:22 - Intrusion Detection Vs Intrusion Prevention
1:09 - Suricata Introduction
2:15 - Installing Suricata on Ubuntu & Rocky Linux
4:17 - Configuring Suricata
7:12 - Enabling Automatic Rule Updates
8:14 - Mirroring Network Traffic to Suricata
9:15 - Testing Suricata & Viewing Alerts
11:18 - Reducing False Positives: Disable Rules
13:48 - Reducing False Positives: Suppression Rules
15:51 - Managing Log File Rotation
The Pro Tech Show provides tech, tips, and advice for IT Pros and decision-makers.
2 years ago
Published on 1401/08/11.
16,754 views