Intrusion Detection with Suricata | Blue Team Series with Hackersploit

Поделиться
HTML-код
  • Опубликовано: 5 июл 2024
  • In this episode of our Blue Team series with @HackerSploit we'll cover the process of installing, configuring, and using Suricata for Blue Team intrusion detection. Suricata is a free and open-source threat detection engine. It detects intrusions by combining IDS, IPS, and network security monitoring.
    Chapters:
    0:00 Introduction
    1:33 What We’ll Be Covering
    3:39 Pre Requisites
    3:47 Introduction to Suricata
    6:31 How Does Suricata Work?
    8:04 Where is Suricata Placed In a Network?
    8:39 About our Lab Environment
    9:30 Practical Demo
    9:46 How to Download Suricata
    11:33 How to Start Suricata
    12:45 How to Configure Suricata
    22:12 Specifying Your Own Sources
    23:31 Adding Rulesets to Your Configuration
    24:30 How to Test the Configuration File
    25:52 Loading Suricata with the New Configuration
    27:15 How to Run an Intrusion Test with Suricata
    28:36 How to Check the Logs
    29:10 How to Us Custom Rules
    33:29 Examining Suricata Log Files
    35:59 Integrating Suricata with Wazuh
    50:49 Conclusion
    New to Cloud Computing? Get started here with a $100 credit → www.linode.com/linodetube
    Check out the Blue Team Security Playlist → • HackerSploit Blue Team...
    Watch the previous episode → • Splunk Security Event ...
    Subscribe to get notified of new episodes as they come out → ruclips.net/user/linode?sub_co...
    #Linode #suricata #cybersecurity #blueteam
    Product: Linode, Security, Blue Team; @HackerSploit ;
  • НаукаНаука

Комментарии • 8

  • @fabiogiroux6347
    @fabiogiroux6347 2 месяца назад

    I use Suricata for Windows servers, but it uses a lot of memory and disk space on my servers. When I try to configure it based on the documentation, the adjustments don't work.
    I'm thinking about replacing it with snort, what do you say?

  • @abhinav79
    @abhinav79 3 месяца назад

    How to save the changes for things we done in configuration and to find the text??

    • @AkamaiDeveloper
      @AkamaiDeveloper  3 месяца назад

      If you're following the instructions in this video and using Vim, you can save the changes made to the configuration file by pressing "Esc" to exit "Insert" mode then ":w" to write your changes.
      To search the file for specific text, you will use "/$word" then press the "return" or "enter" key. The example in the video is "/af-packet"
      If you're unfamiliar with Vim, we suggest checking out these videos:
      - ruclips.net/video/bR5bZriaOVU/видео.htmlsi=c2RKmH81QW0NXD9P
      - ruclips.net/video/zE0hno3vV9M/видео.htmlsi=C8CE35M1BPPgMSry

  • @johnvardy9559
    @johnvardy9559 11 месяцев назад

    suricata or snort?

  • @anshumanaaditya944
    @anshumanaaditya944 Год назад +2

    Suricate logs on wazuh dashboard is not looking convincing and more confusing.

  • @radhakumari-iy4st
    @radhakumari-iy4st Год назад +1

    Sz@zk

  • @calvinnguyen1699
    @calvinnguyen1699 Месяц назад

    how can the suricata work the sam snort
    sudo snort -A console -q -u snort -g snort -c /etc/snort/snort.conf -i wlp0s20f3

Следующие
Автовоспроизведение
Splunk Security Event Monitoring | Blue Team Series with Hackersploit56:13Splunk Security Event Monitoring | Blue Team Series with Hackersploit
Splunk Security Event Monitoring | Blue Team Series with HackersploitAkamai Developer
Просмотров 8 тыс.
PFSense Suricata Intrusion Detection and Prevention, Installation Guide33:10PFSense Suricata Intrusion Detection and Prevention, Installation Guide
PFSense Suricata Intrusion Detection and Prevention, Installation GuideHome SysAdmin
Просмотров 18 тыс.
Реализация IDS/IPS системы на Mikrotik + Suricata1:05:26Реализация IDS/IPS системы на Mikrotik + Suricata
Реализация IDS/IPS системы на Mikrotik + SuricataMikrotik Training
Просмотров 28 тыс.
Cleetus's 5000 HP Hemi INSTALLED in "Eagle"!47:49Cleetus's 5000 HP Hemi INSTALLED in "Eagle"!
Cleetus's 5000 HP Hemi INSTALLED in "Eagle"!CJ Race Cars
Просмотров 403 тыс.
Google Glass, but it's 2024.09:00Google Glass, but it's 2024.
Google Glass, but it's 2024.DankPods
Просмотров 371 тыс.
MINIMI (Video Oficial) - Bryan Martínez02:32MINIMI (Video Oficial) - Bryan Martínez
MINIMI (Video Oficial) - Bryan MartínezBryan Martínez
Просмотров 2,1 млн
I Played College Football 25 Early, Here's My Thoughts!13:52I Played College Football 25 Early, Here's My Thoughts!
I Played College Football 25 Early, Here's My Thoughts!Meags
Просмотров 316 тыс.
100+ Linux Things you Need to Know12:23100+ Linux Things you Need to Know
100+ Linux Things you Need to KnowFireship
Просмотров 41 тыс.
How to Configure VLANs in Proxmox15:47How to Configure VLANs in Proxmox
How to Configure VLANs in ProxmoxHouse of Logic blog
Просмотров 3,2 тыс.
Memory Forensics with Volatility | HackerSploit Blue Team Series34:46Memory Forensics with Volatility | HackerSploit Blue Team Series
Memory Forensics with Volatility | HackerSploit Blue Team SeriesAkamai Developer
Просмотров 12 тыс.
you need this FREE CyberSecurity tool32:06you need this FREE CyberSecurity tool
you need this FREE CyberSecurity toolNetworkChuck
Просмотров 1,2 млн
Network Intrusion Detection with Suricata16:46Network Intrusion Detection with Suricata
Network Intrusion Detection with SuricataPro Tech Show
Просмотров 15 тыс.
10 REASONS Why These Games SOLD 20+ MILLION COPIES21:0010 REASONS Why These Games SOLD 20+ MILLION COPIES
10 REASONS Why These Games SOLD 20+ MILLION COPIESgameranx
Просмотров 1,9 млн
How To Secure pfsense with Snort: From Tuning Rules To Understanding CPU Performance24:04How To Secure pfsense with Snort: From Tuning Rules To Understanding CPU Performance
How To Secure pfsense with Snort: From Tuning Rules To Understanding CPU PerformanceLawrence Systems
Просмотров 55 тыс.
Suricata Home-Lab for IDS/IPS {Add in your Resume Now!}18:05Suricata Home-Lab for IDS/IPS {Add in your Resume Now!}
Suricata Home-Lab for IDS/IPS {Add in your Resume Now!}Rajneesh Gupta
Просмотров 1,5 тыс.
Suricata and DPDK: Everything You Need to Know1:25:24Suricata and DPDK: Everything You Need to Know
Suricata and DPDK: Everything You Need to KnowOISF-Suricata
Просмотров 2,6 тыс.
Я купил ВСЕ НОВИНКИ FIFINE с Aliexpress и протестировал их! Микрофон, колонки, аудиокарта, наушники16:58Я купил ВСЕ НОВИНКИ FIFINE с Aliexpress и протестировал их! Микрофон, колонки, аудиокарта, наушники
Я купил ВСЕ НОВИНКИ FIFINE с Aliexpress и протестировал их! Микрофон, колонки, аудиокарта, наушникиFISPECKT
Просмотров 193 тыс.
НЕОБЫЧНЫЕ ЧАСЫ - ВМЕСТО ЦИФР….00:25НЕОБЫЧНЫЕ ЧАСЫ – ВМЕСТО ЦИФР….
НЕОБЫЧНЫЕ ЧАСЫ - ВМЕСТО ЦИФР….BESTWATCH
Просмотров 23 тыс.
После ввода кода - протирайте панель00:18После ввода кода - протирайте панель
После ввода кода - протирайте панельUp Your Brains
Просмотров 1 млн
СКОЛЬКО БЫ СТОИЛ ТВОЙ ПК ЕСЛИ БЫ ДОЛЛАР БЫЛ ПО 30 РУБЛЕЙ? #rtx #nvidia #ryzen00:38СКОЛЬКО БЫ СТОИЛ ТВОЙ ПК ЕСЛИ БЫ ДОЛЛАР БЫЛ ПО 30 РУБЛЕЙ? #rtx #nvidia #ryzen
СКОЛЬКО БЫ СТОИЛ ТВОЙ ПК ЕСЛИ БЫ ДОЛЛАР БЫЛ ПО 30 РУБЛЕЙ? #rtx #nvidia #ryzenInter Link
Просмотров 140 тыс.
🤬Apple ХОЧЕТ чтобы iPhone ЛОМАЛИСЬ ЧАЩЕ🤑00:36🤬Apple ХОЧЕТ чтобы iPhone ЛОМАЛИСЬ ЧАЩЕ🤑
🤬Apple ХОЧЕТ чтобы iPhone ЛОМАЛИСЬ ЧАЩЕ🤑Pedant.ru
Просмотров 22 тыс.
⚡Контактная сварка медной ленты01:01⚡Контактная сварка медной ленты
⚡Контактная сварка медной лентыПРО Техника
Просмотров 444 тыс.
ФЕНОМЕНАЛЬНОЕ ВЫЖИВАНИЕ НА AM2+ В 2024 ГОДУ22:21ФЕНОМЕНАЛЬНОЕ ВЫЖИВАНИЕ НА AM2+ В 2024 ГОДУ
ФЕНОМЕНАЛЬНОЕ ВЫЖИВАНИЕ НА AM2+ В 2024 ГОДУMaddy MURK
Просмотров 109 тыс.
1$ vs 500$ ВИРТУАЛЬНАЯ РЕАЛЬНОСТЬ !23:201$ vs 500$ ВИРТУАЛЬНАЯ РЕАЛЬНОСТЬ !
1$ vs 500$ ВИРТУАЛЬНАЯ РЕАЛЬНОСТЬ !GoldenBurst
Просмотров 1,5 млн