Suricata: Installation on Ubuntu 18.04
Source: https://kifarunix.com/install-and-setup-suricata-on-ubuntu-18-04/
Installing Suricata from PPA repository
Even though Suricata is available in the default Ubuntu 18.04 repositories, that package may not be up to date. To make sure you install the latest version, add the following PPA repository.
sudo add-apt-repository ppa:oisf/suricata-stable
sudo apt update
Once the PPA repo is set, check which version the package manager offers and which repository provides it, then install Suricata with the package manager.
apt-cache policy suricata
suricata:
  Installed: 4.1.2-0ubuntu6
  Candidate: 4.1.2-0ubuntu6
  Version table:
 *** 4.1.2-0ubuntu6 500
        500 http://ppa.launchpad.net/oisf/suricata-stable/ubuntu bionic/main amd64 Packages
        100 /var/lib/dpkg/status
     3.2-2ubuntu3 500
        500 http://ke.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
sudo apt install suricata
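As an added example (not part of the original article), the shell functions below parse the `apt-cache policy suricata` output shown above and confirm that the install candidate is served from `ppa:oisf/suricata-stable` rather than the older Ubuntu archive build. The function names and the embedded sample are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): report which repository
# provides the Suricata install candidate shown by `apt-cache policy`.

# Reads `apt-cache policy <pkg>` output on stdin; prints one repository URL
# per line for the version listed as "Candidate:".
candidate_origins() {
    awk '
        $1 == "Candidate:"                { cand = $2; next }
        $1 == "Version" && $2 == "table:" { in_table = 1; next }
        in_table {
            match($0, /^ */)                  # count leading spaces
            if (RLENGTH >= 8) {               # source line: <prio> <url|path> ...
                if (hit && $2 ~ /^https?:\/\//) print $2
            } else {                          # version line: [***] <version> <prio>
                ver = ($1 == "***") ? $2 : $1
                hit = (ver == cand)
            }
        }'
}

# Succeeds only if the candidate is served from the OISF stable PPA.
# The launchpadcontent.net host is an assumption covering newer Ubuntu releases.
candidate_from_oisf_ppa() {
    candidate_origins |
        grep -Eq '^https?://ppa\.launchpad(content)?\.net/oisf/suricata-stable/'
}

# Constructed sample: the policy output shown on this page.
sample_policy() {
    cat <<'EOF'
suricata:
  Installed: 4.1.2-0ubuntu6
  Candidate: 4.1.2-0ubuntu6
  Version table:
 *** 4.1.2-0ubuntu6 500
        500 http://ppa.launchpad.net/oisf/suricata-stable/ubuntu bionic/main amd64 Packages
        100 /var/lib/dpkg/status
     3.2-2ubuntu3 500
        500 http://ke.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
EOF
}

# On a real host, replace sample_policy with: apt-cache policy suricata
if sample_policy | candidate_from_oisf_ppa; then
    echo "candidate comes from ppa:oisf/suricata-stable"
else
    echo "candidate is not from the OISF PPA; re-run add-apt-repository and apt update" >&2
fi
```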
You can instead install Suricata with debugging enabled.
sudo apt install suricata-dbg
That completes the installation. Afterwards, the Suricata rules are under /etc/suricata/rules/ and the main configuration file is /etc/suricata/suricata.yaml.
To list the Suricata rules:
ls -C /etc/suricata/rules/
app-layer-events.rules   emerging-attack_response.rules  emerging-malware.rules         emerging-telnet.rules             LICENSE
botcc.portgrouped.rules  emerging-chat.rules             emerging-misc.rules            emerging-tftp.rules               modbus-events.rules
botcc.rules              emerging-current_events.rules   emerging-mobile_malware.rules  emerging-trojan.rules             nfs-events.rules
BSD-License.txt          emerging-deleted.rules          emerging-netbios.rules         emerging-user_agents.rules        ntp-events.rules
ciarmy.rules             emerging-dns.rules              emerging-p2p.rules             emerging-voip.rules               sid-msg.map
classification.config    emerging-dos.rules              emerging-policy.rules          emerging-web_client.rules         smb-events.rules
compromised-ips.txt      emerging-exploit.rules          emerging-pop3.rules            emerging-web_server.rules         smtp-events.rules
compromised.rules        emerging-ftp.rules              emerging-rpc.rules             emerging-web_specific_apps.rules  stream-events.rules
decoder-events.rules     emerging-games.rules            emerging-scada.rules           emerging-worm.rules               suricata-4.0-enhanced-open.txt
dnp3-events.rules        emerging-icmp_info.rules        emerging-scan.rules            files.rules                       tls-events.rules
dns-events.rules         emerging-icmp.rules             emerging-shellcode.rules       gpl-2.0.txt                       tor.rules
drop.rules               emerging-imap.rules             emerging-smtp.rules            http-events.rules
dshield.rules            emerging-inappropriate.rules    emerging-snmp.rules            ipsec-events.rules
emerging-activex.rules   emerging-info.rules             emerging-sql.rules             kerberos-events.rules