Difference between revisions of "Suricata: Instalasi di Ubuntu 22.04"
		
		
		
		
		
Onnowpurbo (talk | contribs)  | 
				Onnowpurbo (talk | contribs)   | 
				||
| Line 34: | Line 34: | ||
    - interface: enp0s3  |     - interface: enp0s3  | ||
| − | + |  ##  | |
| + |  ## Configure Suricata to load Suricata-Update managed rules.  | ||
| + |  ##  | ||
| + | |||
| + |  default-rule-path: /etc/suricata/rules  | ||
| + | |||
| + |  rule-files:  | ||
| + |    - suricata.rules  | ||
==Start Restart Stop==  | ==Start Restart Stop==  | ||
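Review bot: the comment added above default-rule-path says this block loads Suricata-Update managed rules, but the added lines point at /etc/suricata/rules, and nothing visible in this revision runs suricata-update or shows that it writes suricata.rules into that directory. Either document the step that produces /etc/suricata/rules/suricata.rules, or set default-rule-path to the directory suricata-update actually writes to on this install, and have the check step confirm the file exists and is non-empty. If the file is absent, the rule-files entry loads nothing and the sensor runs without signatures.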
Revision as of 16:30, 7 July 2023
Source: https://kifarunix.com/install-and-setup-suricata-on-ubuntu-18-04/
Update the Repository and Install
Update
sudo apt update
Normal installation,
sudo apt -y install suricata
Installation with debugging facilities enabled,
sudo apt -y install suricata-dbg
That's it,
- Suricata rules are located in /etc/suricata/rules/
- The configuration file is /etc/suricata/suricata.yaml.

It is a good idea to read through the files in /etc/suricata/rules/
Configuration Fixes
Edit
vi /etc/suricata/suricata.yaml
Make sure
# Linux high speed capture support
af-packet:
  - interface: enp0s3

##
## Configure Suricata to load Suricata-Update managed rules.
##
default-rule-path: /etc/suricata/rules
rule-files:
  - suricata.rules
Start Restart Stop
/etc/init.d/suricata restart
/etc/init.d/suricata start
/etc/init.d/suricata stop
Check
/usr/bin/suricata --af-packet -c /etc/suricata/suricata.yaml --pidfile /run/suricata.pid
/usr/bin/suricata -D --af-packet -c /etc/suricata/suricata.yaml --pidfile /run/suricata.pid
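
A pre-flight check for the settings edited above, added here as an example and not taken from the original page or the Suricata project: it reads the af-packet interfaces, default-rule-path and rule-files from suricata.yaml and reports any interface or rule file that does not exist. The function names, the awk-based parsing (top-level keys at column 0 only) and the scratch-directory sample are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight check for the suricata.yaml settings edited on this page.
# Assumes top-level keys start at column 0, as in the stock suricata.yaml layout.

# Print the value of a top-level scalar key such as default-rule-path.
yaml_scalar() {  # $1=key  $2=file
    awk -v k="$1" '$0 ~ "^" k ":" {
        sub("^" k ":[ \t]*", ""); sub(/[ \t]+$/, ""); print; exit }' "$2"
}

# Print the "- item" entries of a top-level list key such as rule-files or af-packet.
yaml_list() {  # $1=key  $2=file
    awk -v k="$1" '
        $0 ~ "^" k ":"   { inlist = 1; next }
        /^[A-Za-z0-9_]/  { inlist = 0 }   # the next top-level key ends the list
        inlist && /^[ \t]*-[ \t]/ {
            sub(/^[ \t]*-[ \t]+/, ""); sub(/[ \t]+$/, ""); print }
    ' "$2"
}

# Print one line per problem; print nothing when rule files and interfaces all exist.
config_problems() {  # $1=suricata.yaml  $2=interface directory (default /sys/class/net)
    conf=$1; netdir=${2:-/sys/class/net}
    rulepath=$(yaml_scalar default-rule-path "$conf")
    [ -n "$rulepath" ] || echo "default-rule-path is not set"
    yaml_list rule-files "$conf" | while IFS= read -r f; do
        case $f in /*) p=$f ;; *) p=$rulepath/$f ;; esac
        [ -s "$p" ] || echo "rule file missing or empty: $p"
    done
    yaml_list af-packet "$conf" | awk '$1 == "interface:" { print $2 }' |
    while IFS= read -r i; do   # "default" holds defaults, it is not a real NIC
        [ "$i" = default ] || [ -e "$netdir/$i" ] || echo "no such interface: $i"
    done
}

# Constructed sample: the page's settings in a scratch directory, rule file absent.
demo() {
    d=$(mktemp -d) && mkdir -p "$d/rules" "$d/net/enp0s3"
    cat > "$d/suricata.yaml" <<EOF
af-packet:
  - interface: enp0s3
default-rule-path: $d/rules
rule-files:
  - suricata.rules
EOF
    config_problems "$d/suricata.yaml" "$d/net"
    rm -rf "$d"
}
demo   # on a real host: config_problems /etc/suricata/suricata.yaml
```

Once this reports nothing, Suricata's own test mode (`suricata -T -c /etc/suricata/suricata.yaml`) validates the configuration and rule syntax before the service is restarted.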