Network intrusion detection alerts you to suspicious traffic within your network that may indicate a security breach, policy violation, or insecure software. Suricata is a popular open-source network intrusion detection system (NIDS) that can also be used for network intrusion prevention (NIPS) and is used in a number of commercial cybersecurity products.
In this video I'll show you how to install Suricata on Ubuntu or Rocky Linux*, perform basic configuration, and tweak the rulesets to successfully identify malicious activity whilst minimising false positive alerts.
*The Rocky Linux instructions also apply to AlmaLinux, Red Hat Enterprise Linux, Oracle Linux, and CentOS.
Follow-Up: Visualise Suricata Data
📽️ • Visualising Network Threats
🌐 Suricata Website
https://suricata.io/
📖 Suricata Documentation
https://suricata.readthedocs.io/en/la...
🌐 testmynids.org GitHub
https://github.com/3CORESec/testmynid...
💬 Follow Me
/ andrewmrquinn
Video timestamps:
0:00 - Introduction
0:22 - Intrusion Detection Vs Intrusion Prevention
1:09 - Suricata Introduction
2:15 - Installing Suricata on Ubuntu & Rocky Linux
4:17 - Configuring Suricata
7:12 - Enabling Automatic Rule Updates
8:14 - Mirroring Network Traffic to Suricata
9:15 - Testing Suricata & Viewing Alerts
11:18 - Reducing False Positives: Disable Rules
13:48 - Reducing False Positives: Suppression Rules
15:51 - Managing Log File Rotation
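The two false-positive techniques in the chapter list above, disabling a rule outright versus suppressing it for one source, differ in where the change lives and when it takes effect. The Python script below is an added example (not code from the video or from the Suricata project) that triages a constructed eve.json excerpt and drafts both kinds of entry. It assumes Suricata's default EVE alert field names, the "suppress" syntax of threshold.conf, and a HOME_NET of 10.0.0.0/8 and 192.168.0.0/16; the sids, signature names and addresses in the sample are constructed.

```python
"""Triage Suricata eve.json alerts into suppress / disable / keep decisions.

Added example for this page, not code from the video or the Suricata project.
It assumes Suricata's default EVE alert fields (event_type, src_ip, alert.gid,
alert.signature_id, alert.signature) and the "suppress" syntax of threshold.conf.
Every sample alert, sid and address below is constructed.
"""
import json
from collections import Counter
from ipaddress import ip_address, ip_network

# Assumed HOME_NET: the same ranges one would set in suricata.yaml.
HOME_NET = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]


def _alert(src, dst, sid, signature, category):
    """Build one constructed EVE alert record in the shape Suricata writes."""
    return json.dumps({
        "timestamp": "2022-11-02T10:15:00.000000+0000", "event_type": "alert",
        "src_ip": src, "src_port": 51234, "dest_ip": dst, "dest_port": 80, "proto": "TCP",
        "alert": {"action": "allowed", "gid": 1, "signature_id": sid, "rev": 1,
                  "signature": signature, "category": category, "severity": 3},
    })


# Constructed eve.json excerpt: one non-alert record plus nine alerts.
SAMPLE_EVE = "\n".join(
    [json.dumps({"timestamp": "2022-11-02T10:14:59.000000+0000", "event_type": "flow",
                 "src_ip": "10.0.0.5", "dest_ip": "93.184.216.34"})]
    # one monitoring host that legitimately curls the same site every few minutes
    + [_alert("10.0.0.5", "93.184.216.34", 2013028,
              "ET POLICY curl User-Agent Outbound", "Attempted Information Leak")] * 4
    # a single real hit: the testmynids.org response seen by one client
    + [_alert("203.0.113.20", "10.0.0.7", 2100498,
              "GPL ATTACK_RESPONSE id check returned root", "Potentially Bad Traffic")]
    # an informational rule firing from many ordinary workstations
    + [_alert(host, "203.0.113.10", 2016149,
              "ET INFO Executable Download from dotted-quad Host", "Misc activity")
       for host in ("10.0.0.11", "10.0.0.12", "10.0.0.13", "10.0.0.14")]
)


def parse_alerts(eve_text):
    """Return only event_type == 'alert' records; skip blank or malformed lines."""
    alerts = []
    for line in eve_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # a partially written line at the end of a live log
        if rec.get("event_type") == "alert":
            alerts.append(rec)
    return alerts


def summarise(alerts):
    """Group alerts by (gid, sid) with a total and a per-source-IP count."""
    summary = {}
    for rec in alerts:
        a = rec["alert"]
        entry = summary.setdefault((a.get("gid", 1), a["signature_id"]),
                                   {"signature": a["signature"], "total": 0, "by_src": Counter()})
        entry["total"] += 1
        entry["by_src"][rec["src_ip"]] += 1
    return summary


def is_internal(ip):
    addr = ip_address(ip)
    return any(addr in net for net in HOME_NET)


def draft_tuning(summary, min_total=3, src_share=0.8, min_hosts=3):
    """Heuristic triage for a human to review, returned as (suppress, disable, keep).

    - one internal host produces >= src_share of a sid's alerts: suppress that
      host only (threshold.conf); the rule stays active for everyone else;
    - an ET INFO/POLICY rule fires from >= min_hosts internal hosts: it is noise
      in this network, so disable the rule itself (suricata-update disable.conf);
    - anything below min_total alerts is kept: too few to judge, possibly real.
    """
    suppress, disable, keep = [], [], []
    for (gid, sid), e in sorted(summary.items()):
        if e["total"] < min_total:
            keep.append(sid)
            continue
        top_src, top_n = e["by_src"].most_common(1)[0]
        internal_hosts = [ip for ip in e["by_src"] if is_internal(ip)]
        words = e["signature"].split()
        rule_class = words[1] if len(words) > 1 else ""
        if is_internal(top_src) and top_n / e["total"] >= src_share:
            suppress.append(f"suppress gen_id {gid}, sig_id {sid}, track by_src, ip {top_src}")
        elif len(internal_hosts) >= min_hosts and rule_class in ("INFO", "POLICY"):
            disable.append((gid, sid))
        else:
            keep.append(sid)
    return suppress, disable, keep


if __name__ == "__main__":
    summary = summarise(parse_alerts(SAMPLE_EVE))
    suppress, disable, keep = draft_tuning(summary)
    print("# append to /etc/suricata/threshold.conf, then reload rules")
    print("\n".join(suppress))
    print("\n# append to /etc/suricata/disable.conf, then re-run suricata-update")
    for key in disable:
        print(f"# {summary[key]['signature']}\n{key[1]}")
    print("\n# keep and review:", keep)
```

A suppress entry keeps the rule active for every other host and takes effect after a rule reload or a Suricata restart; a disable.conf entry removes the rule from the generated ruleset, so it only takes effect the next time suricata-update runs (the automatic updates enabled at 7:12). Treat the output as a draft for review, not something to apply unattended.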
The Pro Tech Show provides tech, tips, and advice for IT Pros and decision-makers.
Watch the video Network Intrusion Detection with Suricata online without registration, lasting hours minutes seconds, in good quality. This video was added by user Pro Tech Show on 02 November 2022; don't forget to share it with friends and acquaintances. On our site it has been viewed 18,356 times and liked by 352 people.