Suricata is an open-source detection engine that can act as an intrusion detection system (IDS) and an intrusion prevention system (IPS).
__________________________________________________________________________________________________________________________________
Server - OS: Oracle Linux Server 9 64-bit | IP - 192.168.1.50 | Hostname - server.testbox.com
__________________________________________________________________________________________________________________________________
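# Confirm the OS release, then install the build tools group
cat /etc/system-release ; dnf groupinstall "Development Tools" -y
# Enable the EPEL repository, then install Suricata from it
dnf install epel-release -y
dnf info suricata
dnf install suricata -y
# List the interfaces and note the one to monitor (ens33 on this server)
ip --brief address
# Edit the main configuration file and set the following values
nano /etc/suricata/suricata.yaml
HOME_NET: "[192.168.1.50]"
EXTERNAL_NET: "!$HOME_NET"
af-packet:
- interface: ens33
default-rule-path: /var/lib/suricata/rules
rule-files:
- suricata.rules
# Turn off GRO and LRO offloading on the capture interface
ethtool -K ens33 gro off lro off
# Set the interface and run-as user for the service
nano /etc/sysconfig/suricata
OPTIONS="-i ens33 --user suricata "
# Enable and start the service, then check its status and log
systemctl enable --now suricata
systemctl status suricata
tail /var/log/suricata/suricata.log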
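The interface name ens33 is set in more than one place above (the af-packet section of suricata.yaml and OPTIONS in /etc/sysconfig/suricata). As an added example, not part of the original post, this shell script checks that the af-packet interface and the -i value in OPTIONS agree; the function names and the sample files written to a temporary directory are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): verify that the interface in the
# af-packet section of suricata.yaml matches the -i value in the sysconfig file.

# Print the first "- interface:" value found in the af-packet section.
yaml_afpacket_iface() {
    awk '
        /^af-packet:/ { in_sec = 1; next }
        in_sec && /^[^ #-]/ { exit }   # next top-level key ends the section
        in_sec && /^ *- *interface:/ {
            sub(/^ *- *interface: */, "")
            sub(/ *#.*$/, ""); sub(/ +$/, "")
            print; exit
        }' "$1"
}

# Print the word that follows -i on the OPTIONS= line.
sysconfig_iface() {
    sed -n 's/^OPTIONS=//p' "$1" | tr -d "\"'" |
        awk '{ for (i = 1; i < NF; i++) if ($i == "-i") { print $(i + 1); exit } }'
}

# Return 0 when both files name the same interface, 1 on mismatch, 2 if unreadable.
check_capture_iface() {
    yaml_if=$(yaml_afpacket_iface "$1")
    svc_if=$(sysconfig_iface "$2")
    if [ -z "$yaml_if" ] || [ -z "$svc_if" ]; then
        echo "could not read interface (yaml='$yaml_if' sysconfig='$svc_if')" >&2
        return 2
    fi
    if [ "$yaml_if" != "$svc_if" ]; then
        echo "mismatch: af-packet=$yaml_if, OPTIONS -i $svc_if" >&2
        return 1
    fi
    echo "capture interface consistent: $yaml_if"
}

# Constructed sample files that mirror the settings shown in the post.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/suricata.yaml" <<'EOF'
af-packet:
- interface: ens33
default-rule-path: /var/lib/suricata/rules
EOF
printf '%s\n' 'OPTIONS="-i ens33 --user suricata "' > "$SAMPLE_DIR/suricata"
check_capture_iface "$SAMPLE_DIR/suricata.yaml" "$SAMPLE_DIR/suricata"
```

On the server itself, call `check_capture_iface /etc/suricata/suricata.yaml /etc/sysconfig/suricata` after editing either file.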
__________________________________________________________________________________________________________________________________
Thursday, July 10, 2025
How To Install Suricata IDS on Oracle Linux Server 9