Suricata: Difference between revisions
Created page with "==Installasi== ===Install Required Dependencies=== First, you will need to install some dependencies required to compile Suricata from the source. You can install all of them with the following command: apt-get install rustc cargo make libpcre3 libpcre3-dbg libpcre3-dev build-essential autoconf automake libtool libpcap-dev libnet1-dev libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev libjansson4 pkg-config -y By defaul..." |
No edit summary |
||
| Line 22: | Line 22: | ||
First, download the latest version of Suricata from their official website with the following command: | First, download the latest version of Suricata from their official website with the following command: | ||
wget https://www.openinfosecfoundation.org/download/suricata-5.0.3.tar.gz | wget <nowiki>https://www.openinfosecfoundation.org/download/suricata-5.0.3.tar.gz</nowiki> | ||
Once the download is completed, extract the downloaded file with the following command: | Once the download is completed, extract the downloaded file with the following command: | ||
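Review bot: The sentence above the wget line promises "the latest version" while the URL pins suricata-5.0.3.tar.gz, so the instruction goes stale with every new release; name the version in the sentence or tell the reader to substitute the current release. Because this archive is later built and installed with make install-full, the step should also tell the reader to check the download against the signature or checksum the project publishes before extracting it.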
| Line 39: | Line 39: | ||
make install-full | make install-full | ||
<blockquote>Note: This process will take over 10 minutes</blockquote>Next, install all rules with the following command: | |||
Note: This process will take over 10 minutes | |||
Next, install all rules with the following command: | |||
make install-rules | make install-rules | ||
By default, all rules are located at /var/lib/suricata/rules/suricata.rules: | By default, all rules are located at <code>/var/lib/suricata/rules/suricata.rules</code>: | ||
You can see it with the following command: | You can see it with the following command: | ||
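Review bot: On the new side the closing </blockquote> is followed on the same line by "Next, install all rules with the following command:", which glues the next step to the note. Keep that sentence on its own line, as it was in the old revision, so the make install-rules step stays visually separate from the timing note.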
| Line 62: | Line 59: | ||
EXTERNAL_NET: "!$HOME_NET" | EXTERNAL_NET: "!$HOME_NET" | ||
Save and close the file when you are finished. | Save and close the file when you are finished.<blockquote>Note: In the command above, replace <code>192.168.1.0/24</code> with your internal network.</blockquote> | ||
Note: In the command above, replace 192.168.1.0/24 with your internal network. | |||
===Test Suricata Against DDoS=== | ===Test Suricata Against DDoS=== | ||
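Review bot: The note says "In the command above", but the step it follows is a file edit (the EXTERNAL_NET setting, then "Save and close the file"), and 192.168.1.0/24 does not appear in the visible context, so a reader cannot tell which line to change. Reword the note to name the setting that holds the internal network, and start the <blockquote> on its own line instead of appending it to the "Save and close" sentence.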
| Line 95: | Line 90: | ||
==Source== | ==Source== | ||
*[https://www.atlantic.net/vps-hosting/how-to-install-and-setup-suricata-ids-on-ubuntu-20-04/ atlantic.net] | *[https://www.atlantic.net/vps-hosting/how-to-install-and-setup-suricata-ids-on-ubuntu-20-04/ atlantic.net] | ||
[[Category:Server]] | |||
[[Category:Security]] | |||
[[Category:Software]] | |||