<!doctype html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<title>Network - Suricata</title>
<meta name="generator" content="CherryTree">
<link rel="stylesheet" href="res/styles3.css" type="text/css" />
</head>
<body>
<div class='page'><h1 class='title'>Network - Suricata</h1><br/><h1>Suricata</h1><br /><br /><h2>• Suricata is an intrusion detection/prevention system<br />• Suricata monitors network traffic and, based on the rules supplied to it, performs actions such as alert or block<br /> ◇ IDS mode - intrusion detection, passive<br /> ◇ IPS mode - intrusion prevention, blocks attacks, adds latency<br /> ◇ IDPS mode - hybrid, passive monitoring with the ability to reset connections<br /> ◇ NSM mode - listens and logs<br />• Rules for Suricata can be protocol specific, as it can parse several protocols<br />• Rules can match patterns, look for specific types of packets, and more<br /></h2><br />Training: <a href="https://www.networkdefense.co/courses/suricata/">https://www.networkdefense.co/courses/suricata/</a><br /><a href="https://suricata.io/learn/">https://suricata.io/learn/</a><br /></div>
</body>
</html>
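Added example, not part of the original notes: three local rules showing how the rule action lines up with the modes listed above and how a protocol-specific rule differs from a plain pattern match. The domain, message strings and sid values are constructed placeholders; $HOME_NET and $EXTERNAL_NET are assumed to be set in suricata.yaml.

```suricata
# Constructed sample rules for a local.rules file.
# sids are taken from the 1000000+ range commonly used for local rules.

# Protocol-specific, passive (IDS mode): the DNS parser exposes the query name
# through the dns.query buffer, so the match is on the decoded name rather than
# on raw packet bytes. The action is alert only; traffic is not touched.
alert dns $HOME_NET any -> any any (msg:"EXAMPLE DNS query for placeholder domain"; dns.query; content:"blocked.example.test"; nocase; sid:1000001; rev:1;)

# Protocol-specific, inline (IPS mode): same idea on the TLS SNI field.
# "drop" only discards packets when Suricata sits inline in the traffic path,
# which is also where the added latency comes from.
drop tls $HOME_NET any -> $EXTERNAL_NET any (msg:"EXAMPLE TLS SNI for placeholder domain"; flow:established,to_server; tls.sni; content:"blocked.example.test"; nocase; sid:1000002; rev:1;)

# Hybrid (passive monitoring with resets): "reject" raises an alert and sends
# a TCP reset to end the connection. Here the match is a packet property
# (a SYN to the telnet port), not a parsed protocol field.
reject tcp $EXTERNAL_NET any -> $HOME_NET 23 (msg:"EXAMPLE inbound telnet connection attempt"; flags:S; sid:1000003; rev:1;)
```

A rule file like this can be syntax-checked before loading with Suricata's test mode (`suricata -T -c suricata.yaml -S local.rules`).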