Network Intrusion Detection with Suricata

Published: 02 November 2022
on channel: Pro Tech Show

Network intrusion detection alerts you to suspicious traffic within your network that may indicate a security breach, policy violation, or insecure software. Suricata is a popular open-source network intrusion detection system (NIDS) that can also be used for network intrusion prevention (NIPS) and is used in a number of commercial cybersecurity products.
In this video I'll show you how to install Suricata on Ubuntu or Rocky Linux*, perform basic configuration, and tweak the rulesets to successfully identify malicious activity whilst minimising false positive alerts.

*Rocky's instructions also apply to AlmaLinux, Red Hat Enterprise Linux, Oracle Linux, and CentOS.

Follow-Up: Visualise Suricata Data
📽️ Visualising Network Threats

🌐 Suricata Website
https://suricata.io/

📖 Suricata Documentation
https://suricata.readthedocs.io/en/la...

🌐 testmynids.org GitHub
https://github.com/3CORESec/testmynid...

💬 Follow Me
/ andrewmrquinn

Video timestamps:
0:00 - Introduction
0:22 - Intrusion Detection Vs Intrusion Prevention
1:09 - Suricata Introduction
2:15 - Installing Suricata on Ubuntu & Rocky Linux
4:17 - Configuring Suricata
7:12 - Enabling Automatic Rule Updates
8:14 - Mirroring Network Traffic to Suricata
9:15 - Testing Suricata & Viewing Alerts
11:18 - Reducing False Positives: Disable Rules
13:48 - Reducing False Positives: Suppression Rules
15:51 - Managing Log File Rotation

The Pro Tech Show provides tech, tips, and advice for IT Pros and decision-makers.
