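############ PPA installation method ############
# Installs Suricata from the OISF stable PPA and fetches the Emerging Threats
# open ruleset. Every command below needs root (use a root shell or prefix
# each command with sudo).

# add-apt-repository is provided by python-software-properties on older Ubuntu
# releases; newer releases ship it in software-properties-common instead.
apt-get install python-software-properties
add-apt-repository ppa:oisf/suricata-stable
apt-get update
apt-get install suricata

# Download and unpack the ruleset once. The && chain stops at the first
# failure, so tar never runs in the wrong directory or on a partial download.
# The archive is extracted as root and is authenticated only by TLS. To see
# where its files will land before unpacking, list it with
# `tar -tzf emerging.rules.tar.gz`. Afterwards make sure default-rule-path in
# suricata.yaml names the directory that actually holds the .rules files.
mkdir -p /etc/suricata/rules
cd /etc/suricata/rules &&
  wget https://rules.emergingthreatspro.com/open/suricata/emerging.rules.tar.gz &&
  tar -xvzf emerging.rules.tar.gz

# Directory Suricata writes its logs to.
mkdir -p /var/log/suricata

# Edit the main configuration: set address-groups (HOME_NET / EXTERNAL_NET),
# default-rule-path and the rule-files list.
vi /etc/suricata/suricata.yaml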
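# Excerpt of /etc/suricata/suricata.yaml: only the settings to edit are shown.
# In the stock file address-groups is nested under the top-level "vars:" key.
address-groups:
  # HOME_NET is the network you are defending; EXTERNAL_NET is everything else.
  # Rule direction ($EXTERNAL_NET -> $HOME_NET) depends on these values, so a
  # range that is too wide or too narrow silently hides alerts.
  # NOTE(review): 192.168.1.0/16 has host bits set. A /16 covers all of
  # 192.168.0.0-192.168.255.255; if only 192.168.1.x is monitored the mask
  # should be /24. Confirm the intended range.
  HOME_NET: "[192.168.1.0/16]"
  EXTERNAL_NET: "!$HOME_NET"

# Directory the rule-files entries are resolved against.
default-rule-path: /etc/suricata/rules

# Each "# - name.rules" line is a disabled entry; remove the leading "#" from
# the categories you want loaded. While every entry stays commented out, no
# rule file from this list is loaded.
rule-files:
# - botcc.rules
# - ciarmy.rules
# - compromised.rules
# - drop.rules
# - dshield.rules
# - emerging-activex.rules
# - emerging-attack_response.rules
# - emerging-chat.rules
# … (list continues in the stock file)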
# Start Suricata with the edited configuration (-c) and capture live traffic
# on interface eth0 (-i). Replace eth0 with the interface that actually sees
# the traffic you want to monitor.
# To validate the configuration before starting, run:
#   suricata -T -c /etc/suricata/suricata.yaml
suricata -c /etc/suricata/suricata.yaml -i eth0