Intrusion Detection with Suricata – Blue Team Series with Hackersploit
In this episode of our Blue Team series with @HackerSploit we’ll cover the process of installing, configuring, and using Suricata for Blue Team intrusion detection. Suricata is a free and open-source threat detection engine that combines intrusion detection (IDS), intrusion prevention (IPS), and network security monitoring (NSM) capabilities in a single engine.
1:33 What We’ll Be Covering
3:39 Prerequisites
3:47 Introduction to Suricata
6:31 How Does Suricata Work?
8:04 Where is Suricata Placed In a Network?
8:39 About our Lab Environment
9:30 Practical Demo
9:46 How to Download Suricata
11:33 How to Start Suricata
12:45 How to Configure Suricata
22:12 Specifying Your Own Sources
23:31 Adding Rulesets to Your Configuration
24:30 How to Test the Configuration File
25:52 Loading Suricata with the New Configuration
27:15 How to Run an Intrusion Test with Suricata
28:36 How to Check the Logs
29:10 How to Use Custom Rules
33:29 Examining Suricata Log Files
35:59 Integrating Suricata with Wazuh