Intrusion Detection with Suricata – Blue Team Series with Hackersploit
In this episode of our Blue Team series with @HackerSploit we’ll cover the process of installing, configuring, and using Suricata for Blue Team intrusion detection. Suricata is a free and open-source threat detection engine that detects intrusions by combining intrusion detection (IDS), intrusion prevention (IPS), and network security monitoring (NSM).
Chapters:
0:00 Introduction
1:33 What We’ll Be Covering
3:39 Prerequisites
3:47 Introduction to Suricata
6:31 How Does Suricata Work?
8:04 Where is Suricata Placed In a Network?
8:39 About our Lab Environment
9:30 Practical Demo
9:46 How to Download Suricata
11:33 How to Start Suricata
12:45 How to Configure Suricata
22:12 Specifying Your Own Sources
23:31 Adding Rulesets to Your Configuration
24:30 How to Test the Configuration File
25:52 Loading Suricata with the New Configuration
27:15 How to Run an Intrusion Test with Suricata
28:36 How to Check the Logs
29:10 How to Use Custom Rules
33:29 Examining Suricata Log Files
35:59 Integrating Suricata with Wazuh
50:49 Conclusion
Product: Linode, Security, Blue Team; @HackerSploit