Questions tagged [suricata]
Questions relating to IDS software developed by the Open Information Security Foundation (OISF).
10 questions
0 votes, 1 answer, 101 views
Suricata IDS not working with NordVPN connected
I configured suricata.yaml file to detect intrusion in any interface and it works well without NordVPN.
When I test Suricata by visiting:
curl http://testmynids.org/uid/index.html
Result of sudo tail ...
0 votes, 0 answers, 49 views
Network sensoring with exceptionally large flows
I wanted to know if anyone had experience handling single flows that generate 90 kpps or upward of traffic. My conundrum is that I use tools which I would like to be able to properly see an entire ...
1 vote, 0 answers, 262 views
Two VMs sniff traffic using Network Tap over LAN
I have two VMs running in a VirtualBox. One is running Windows 7 and the other Kali Linux. The host computer is connected via LAN to a Raspberry Pi running a bridge interface so it can monitor the ...
0 votes, 2 answers, 463 views
OS X 10.10.3: Apache(2.4.12) + Passenger 5.0.10 from Homebrew doesn't work
Trying to configure Snorby(ruby app) to work with Apache/2.4.12 and Passenger 5.0.10.
-- I've successfully installed from homebrew apache and passenger.
brew install httpd24 passenger
-- Created /...
0 votes, 1 answer, 238 views
How to get details - like Remote ip - about alert generated by suricata after scanning pcap file
I wanted to test security of my android phone so I left it for one day running tcpdump in the background.
Then I sent the resulting pcap to virustotal.com. They are scanning pcap file using snort and ...
1 vote, 1 answer, 674 views
Starting Suricata with launchctl on Mac OS X
Using Mac OS X Yosemite 10.10.3.
I'm trying to make Suricata start in daemon mode on boot with launchctl.
Here is my /Library/LaunchDaemons/org.suricata.Suricata.plist:
<?xml version="1.0" ...
0 votes, 2 answers, 1k views
OS X: suricata: ./configure --enable-nfqueue error
I am trying to configure suricata with nfqueue on mac OS X Yosemite. When I run configure the process reports that several required items are present, but that these cannot be compiled. It finally ...
-1 votes, 2 answers, 387 views
Problems starting Suricata on Mac OS X
I am trying to start Suricata 2.0.7 on Mac OS X but am having issues. Any idea what’s wrong and how to fix it? Here are the errors I am seeing:
$ sudo suricata -c /etc/suricata/suricata.yaml -i en2
...
2 votes, 1 answer, 13k views
wget mirroring the site fails - 403 Forbidden, even with user-agent
I need to download suricata's latest rules from this url:
http://rules.emergingthreats.net/blockrules/
I'm trying to compose my own rules based on different emerging rules and snort's rules too. ...
0 votes, 0 answers, 6k views
How to use the Suricata IDS to monitor the entire network?
I have the following 3 PCs connected to a router via Ethernet:
PC1 – 192.168.1.101 (Linux Ubuntu)
PC2 – 192.168.1.100 (Windows)
PC3 – 192.168.1.1 (Windows)
All PCs can ping each other.
PC1 has ...