Suricata IDS: Difference between revisions
(Page created: „==Local Rules== *cat /etc/suricata/rules/local.rules alert icmp any any -> any any (msg:"ICMP Test"; sid:1000000002;) alert tcp any any -> any any (flags: S…“) |
| Line 7: | Line 7: | ||
==Start suricata== | ==Start suricata== | ||
| − | *suricata -i $ | + | *suricata -i $DMZDEV |
==check== | ==check== | ||
*tail -f /var/log/suricata/fast.log | *tail -f /var/log/suricata/fast.log | ||
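Review bot: `$DMZDEV` in the changed line `*suricata -i $DMZDEV` is never defined anywhere on the page, so a reader who copies the command gets `suricata -i` with an empty argument; add the line that sets it (for example an `export DMZDEV=<interface>` step before "Start suricata") or name the capture interface directly.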
Revision as of 13 December 2022, 12:17
Local Rules
- cat /etc/suricata/rules/local.rules
alert icmp any any -> any any (msg:"ICMP Test"; sid:1000000002;)
alert tcp any any -> any any (flags: S; msg: "SYN packet"; sid:100000003;)
Start suricata
- suricata -i $DMZDEV
check
- tail -f /var/log/suricata/fast.log
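The check step above only watches fast.log scroll by. As an added example (not part of the wiki page), this small parser reads Suricata fast.log lines and counts alerts per rule sid and message, so you can see whether the two local rules actually fire; the log lines are constructed samples in fast.log format, and the sids match the rules in local.rules above.

```python
import re
from collections import Counter

# Constructed sample lines in Suricata fast.log format (not taken from the page).
SAMPLE_FAST_LOG = """\
12/13/2022-12:17:05.123456  [**] [1:1000000002:0] ICMP Test [**] [Classification: (null)] [Priority: 3] {ICMP} 10.10.1.5:8 -> 10.10.1.1:0
12/13/2022-12:17:06.000001  [**] [1:100000003:0] SYN packet [**] [Classification: (null)] [Priority: 3] {TCP} 10.10.1.5:51234 -> 10.10.1.1:22
12/13/2022-12:17:06.000200  [**] [1:100000003:0] SYN packet [**] [Classification: (null)] [Priority: 3] {TCP} 10.10.1.5:51235 -> 10.10.1.1:443
"""

# One fast.log record: timestamp, [gid:sid:rev], msg, classification,
# priority, {protocol}, src:port -> dst:port.
FAST_LOG_RE = re.compile(
    r'^(?P<ts>\S+)\s+\[\*\*\]\s+'
    r'\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+'
    r'(?P<msg>.*?)\s+\[\*\*\]\s+'
    r'\[Classification:\s*(?P<cls>.*?)\]\s+'
    r'\[Priority:\s*(?P<prio>\d+)\]\s+'
    r'\{(?P<proto>[^}]+)\}\s+'
    r'(?P<src>\S+)\s+->\s+(?P<dst>\S+)$'
)


def parse_fast_log_line(line):
    """Return a dict of the fields of one fast.log line, or None if it does not match."""
    m = FAST_LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    for key in ("gid", "sid", "rev", "prio"):
        rec[key] = int(rec[key])
    return rec


def summarize_alerts(text):
    """Count alerts per (sid, msg) over a block of fast.log text; unparsable lines are skipped."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_fast_log_line(line)
        if rec is not None:
            counts[(rec["sid"], rec["msg"])] += 1
    return counts


if __name__ == "__main__":
    # Replace SAMPLE_FAST_LOG with open("/var/log/suricata/fast.log").read() on a live sensor.
    for (sid, msg), n in summarize_alerts(SAMPLE_FAST_LOG).most_common():
        print(f"sid {sid} ({msg}): {n} alert(s)")
```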