This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
сервис_snort [2021/02/23 14:36] val [Debian/Ubuntu] |
сервис_snort [2022/03/15 13:01] val [Debian/Ubuntu] |
||
---|---|---|---|
Line 10: | Line 10: | ||
<code> | <code> | ||
root@server:~# apt install snort | root@server:~# apt install snort | ||
+ | |||
+ | !!! В визарде все по умолчанию ("не понимает" интерфейс bond1) | ||
root@server:~# cat /etc/snort/snort.debian.conf | root@server:~# cat /etc/snort/snort.debian.conf | ||
Line 16: | Line 18: | ||
DEBIAN_SNORT_INTERFACE="eth2" | DEBIAN_SNORT_INTERFACE="eth2" | ||
#DEBIAN_SNORT_INTERFACE="eth1" | #DEBIAN_SNORT_INTERFACE="eth1" | ||
+ | #DEBIAN_SNORT_INTERFACE="bond1" | ||
DEBIAN_SNORT_HOME_NET="192.168.0.0/16" | DEBIAN_SNORT_HOME_NET="192.168.0.0/16" | ||
#DEBIAN_SNORT_HOME_NET="any" | #DEBIAN_SNORT_HOME_NET="any" | ||
Line 31: | Line 34: | ||
root@server:~# snort -T -S HOME_NET=[192.168.0.0/16] -c /etc/snort/snort.conf | root@server:~# snort -T -S HOME_NET=[192.168.0.0/16] -c /etc/snort/snort.conf | ||
- | root@server:~# service snort stop | + | root@server:~# service snort restart |
- | + | ||
- | root@server:~# snort -A console -i eth2 -S HOME_NET=[192.168.0.0/16] -c /etc/snort/snort.conf | + | |
- | + | ||
- | root@server:~# service snort start | + | |
</code> | </code> | ||
Line 47: | Line 46: | ||
==== Пример атаки с isp.un ==== | ==== Пример атаки с isp.un ==== | ||
<code> | <code> | ||
- | isp.un$ wget http://server.corpX.un/root.exe | + | isp.un$ wget http://192.168.X.10/root.exe |
</code> | </code> | ||