security:ips:suricata
Differences
This shows the differences between two versions.
| Next revision | Previous revision | ||
| security:ips:suricata [2021/05/06 08:19] – created rsi | security:ips:suricata [2021/05/06 17:39] (current) – rsi | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | |||
| + | ====== Commands ====== | ||
| + | < | ||
| + | ssh firewall | ||
| + | sudo vi / | ||
| + | sudo service suricata restart | ||
| + | |||
| + | tail -f / | ||
| + | |||
| + | tail -f / | ||
| + | |||
| + | tail -f / | ||
| + | tail -f / | ||
| + | </ | ||
| + | |||
| ====== Suricata Rules ====== | ====== Suricata Rules ====== | ||
| ===== Directory Traversal ===== | ===== Directory Traversal ===== | ||
| - | alert http any any -> 192.168.6.4 80 (msg:" | + | <code> |
| - | drop http any any -> 192.168.6.4 80 (msg:" | + | drop http any any -> 192.168.10.2 80 (msg:" |
| - | + | </ | |
| - | ==== Webshell ==== | + | |
| + | ===== Webshell ===== | ||
| + | < | ||
| + | drop http any any -> 192.168.10.2 80 (msg:" | ||
| + | </ | ||
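
Review bot: The destination address is hard-coded in both new rules (`drop http any any -> 192.168.10.2 80` under Directory Traversal and again under Webshell), and this revision already had to change it from 192.168.6.4. Point the rules at an address variable such as `$HTTP_SERVERS` from suricata.yaml instead, so that renumbering the web server is a single edit and no rule is left guarding an address that is no longer in use. The same change removes the `alert` variant of the Directory Traversal rule and keeps only `drop`, which blocks traffic only when Suricata runs inline, so the page should state that IPS mode is assumed. In the Commands block, `sudo service suricata restart` follows the `sudo vi` step directly; add a configuration test (`suricata -T` with the config file) before the restart so that a syntax error is caught before the running instance is stopped.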
security/ips/suricata.1620281986.txt.gz · Last modified: by rsi
