Differences

This shows you the differences between two versions of the page.

--- сервис_snort [2024/05/11 15:36]
val [Debian/Ubuntu]
+++ сервис_snort [2024/12/06 14:44] (current)
val [Пример атаки с isp.un]
@@ Line 4: / Line 4: @@
   * [[https://help.ubuntu.com/community/SnortIDS]]
   * [[https://www.snort.org/downloads/community/community-rules.tar.gz|!!!Открытые правила для тестирования!!!]]
-  * [[http://www.openinfosecfoundation.org//Альтернативное решение]]
+  * [[https://sansorg.egnyte.com/dl/qsNKTUL2ld|Snort and SSL/TLS Inspection]]
   * [[https://upcloud.com/resources/tutorials/installing-snort-on-debian|How to install Snort on Debian]]
+  * [[https://oisf.net/|Open Information Security Foundation Suricata]]
 ===== Установка, настройка, запуск сервиса =====
@@ Line 60: / Line 62: @@
 # u2spewfoo /var/log/snort/snort.alert
+</code>
+==== Пример атаки с isp.un ====
+<code>
+isp.un$ curl http://192.168.X.10/root.exe
+</code>
+===== Копирование alert_unified2 в syslog =====
+<code>
 # stdbuf -i0 -o0 u2spewfoo <(tail -c +1 -f /var/log/snort/snort.alert) | logger -t snort -p auth.info
@@ Line 74: / Line 84: @@
 [Install]
 WantedBy=multi-user.target
-</code>
-==== Пример атаки с isp.un ====
-<code>
-isp.un$ wget http://192.168.X.10/root.exe
 </code>

Методические материалы Лохтурова Вячеслава