Suricata IDS & IPS VS Kali-Linux Attack

  • Published: 28 Sep 2024
  • - How to set up the Intrusion Detection System (IDS) & Intrusion Prevention System (IPS) in the OPNsense firewall.
    - Install Suricata packages.
    - Attack scenario using Kali Linux.
    - Harden your home network against network intrusions.

Comments • 31

  • @BrianThomas 2 years ago +2

    I'm not finding anything on how to set up policy-based IDS/IPS with Suricata on OPNsense. They have an online guide, but that doesn't show you the configuration. Sounds like an opportunity for a new video :-)

  • @scottelsdon5547 4 years ago +9

    Nice, and thank you for taking the time to create this.

  • @PiotrK2022 3 years ago +1

    @IT Networks & Security Damn, nice - I LOVE AND WANT IT. Can it also detect & block WannaCry, for example, or other ransomware/infection?

  • @Totototo-nr8dh 4 years ago +1

    Nice! Which OPNsense theme are you using? :)

  • @ahmedelmenshawy474 4 years ago +2

    Really, it's amazing...

  • @geonelson1621 3 years ago +1

    Nice video, but I've followed the steps, and it still isn't working

  • @allamaprabhu5861 3 years ago +1

    Not working

  • @muhammadafifalfauzan281 3 years ago +1

    Not working

  • @colinmsmall 4 years ago +4

    Nice video. I would like to see if the other top open source firewalls perform as well. IPFire with Suricata and pfSense with Suricata. I imagine pfSense will be identical?

    • @ITNetworksSecurity 4 years ago +1

      Yes, pfSense is identical.

    • @Afraa-K 2 years ago +1

      What about IPFire? My project is about testing different firewalls. Would the results be identical if I used Suricata?

    • @Anuitu2u 1 year ago

      @Afraa-K Why not?
      The issue would be around hardware performance though. Network adapter driver issue on BSD vs Linux.

    • @Afraa-K 1 year ago

      @Anuitu2u I am testing them using VMware. Is it OK to do that? Or must I test them on their hardware?

    • @Anuitu2u 1 year ago

      @Afraa-K Do an iperf test. Maybe you'll see the network performance difference. Usually, OPNsense/pfSense would show less.
      But in a closed environment, like VMware or VirtualBox, we usually don't see the full performance anyway. That's what I thought. CMIIW.

  • @freegate971 3 years ago

    video not working

  • @misza_one 3 years ago +1

    I tried to replicate your settings. I realized that in the download tab the FILTER column is missing. Version 21.1. I can only choose enable or disable. I hope that it is running correctly though. Thanks for sharing 👍

  • @marcelo.caetano 4 years ago +1

    CPU at 100% and Suricata stops.

  • @tarikhizem4903 4 years ago +2

    Good tutorial. Thanks

  • @Afraa-K 2 years ago +1

    Thank you so much 🙏🏻. May I know the IP addresses of the WAN and LAN interfaces of OPNsense? Because I want to know how the machines are connected.

  • @enunna 3 years ago +1

    4 character password huh. The irony...

  • @BrianThomas 2 years ago +1

    Hey, I love Suricata and I tried what you suggested. This is what I received: We strongly advise to use policies instead of single rule based changes to limit the size of the configuration. A list of all manual changes can be revised in the policy editor (available here). Now what? Does anyone have any advice?

    • @Kilzu1 2 years ago +1

      You can ignore the policies if you want and don't need to block or protect against a specific type of thing while being able to use programs and access sites of that same category (for example blocking P2P clients but still being able to run games which are updated using P2P; World of Warcraft, for example, is one of those).
      Policies allow you to create blocks and protection against a specific thing; rules block everything belonging to that category.