vasco/FSI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

r

Browse Source
This commit is contained in:
vascoalvesxyz
2026-03-22 22:27:09 +00:00
parent 51c5d2acc1
commit cec9177566
3 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
relatorio.tex
View File

@@ -101,7 +101,7 @@ sudo iptables -A FORWARD -i enp0s9 -o enp0s10 -p tcp --dport 21 -j ACCEPT
\section{Intrusion Detection}
As regras que utilizamos para o suricata foram estas:
\begin{lstlisting}[language=bash]
drop tcp \$EXTERNAL\_NET any -> \$HOME\_NET any (msg:"ET"; flags:S; threshold:type both, track by\_src, count 5, seconds 60; classtype:attempted-recon; sid:1000001; rev:1;)
drop tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET"; flags:S; threshold:type both, track by_src, count 5, seconds 60; classtype:attempted-recon; sid:1000001; rev:1;)
drop tcp any any -> any 80 (msg:"SQL injection"; content:"union"; nocase; content:"select"; nocase; classtype:web-application-attack; sid:1000002; rev:1;)
drop tcp any any -> any 80 (msg:"SQl injection"; content:"'or 1=1"; nocase; classtype:web-application-attack; sid:1000003; rev:1;)
drop tcp any any -> any 80 (msg:"XSS"; content:"<script"; nocase; classtype:web-application-attack; sid:1000004; rev:1;)