Difference between revisions of "SNORT: Menjalankan sebagai daemon"

Latest revision as of 14:54, 11 May 2017

Gunakan switch -D Jika snort di instalasi dengan apt install. Logging ASCII tampaknya lebih memudahkan SNORT Untuk deteksi serangan jika kita membuat local.rules.

Logging ASCII

snort -c /etc/snort/snort.conf -l /var/log/snort/ -K ascii -D

Logging binary

snort -c /etc/snort/snort.conf -l /var/log/snort/ -b -D

atau

/usr/sbin/snort -d -h 192.168.0.0/24 -l /var/log/snort/ -c /etc/snort/snort.conf -s -D

atau

/usr/sbin/snort -m 027 -D -d -l /var/log/snort \
    -u snort -g snort -c /etc/snort/snort.conf -S HOME_NET=[192.168.0.0/24] -i ens18

Gunakan full path agar bisa di restart dengan signal SIGHUP

/usr/local/bin/snort -d -h 192.168.1.0/24 \
     -l /var/log/snortlogs -c /usr/local/etc/snort.conf -s -D

Difference between revisions of "SNORT: Menjalankan sebagai daemon"

Latest revision as of 14:54, 11 May 2017

Navigation menu

Search

@@ Line 1: / Line 1: @@
 Gunakan switch -D
+Jika snort di instalasi dengan apt install.
+Logging ASCII tampaknya lebih memudahkan SNORT Untuk deteksi serangan jika kita membuat local.rules.
+Logging ASCII
+ snort -c /etc/snort/snort.conf -l /var/log/snort/ -K ascii -D
+Logging binary
+ snort -c /etc/snort/snort.conf -l /var/log/snort/ -b -D
+atau
+ /usr/sbin/snort -d -h 192.168.0.0/24 -l /var/log/snort/ -c /etc/snort/snort.conf -s -D
+atau
+ /usr/sbin/snort -m 027 -D -d -l /var/log/snort \
+     -u snort -g snort -c /etc/snort/snort.conf -S HOME_NET=[192.168.0.0/24] -i ens18
 Gunakan full path agar bisa di restart dengan signal SIGHUP
   /usr/local/bin/snort -d -h 192.168.1.0/24 \
        -l /var/log/snortlogs -c /usr/local/etc/snort.conf -s -D