Merge branch 'main' of https://git.vascoalves.xyz/vasco/FSI
BIN
ucstudent/pl-apresentação#1 (1).pdf
Normal file
BIN
ucstudent/pl-apresentação#1 (1).pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-apresentação#1.pdf
Normal file
BIN
ucstudent/pl-apresentação#1.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-exercícios#0.pdf
Normal file
BIN
ucstudent/pl-exercícios#0.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-exercícios#1.pdf
Normal file
BIN
ucstudent/pl-exercícios#1.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-practical exercises #2-resolution notes.pdf
Normal file
BIN
ucstudent/pl-practical exercises #2-resolution notes.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-practical exercises #2.pdf
Normal file
BIN
ucstudent/pl-practical exercises #2.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-practical exercises #3-resolution notes.pdf
Normal file
BIN
ucstudent/pl-practical exercises #3-resolution notes.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-practical exercises #3.pdf
Normal file
BIN
ucstudent/pl-practical exercises #3.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-practical exercises #4-resolution notes.pdf
Normal file
BIN
ucstudent/pl-practical exercises #4-resolution notes.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-practical exercises #4.pdf
Normal file
BIN
ucstudent/pl-practical exercises #4.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-presentation#2.pdf
Normal file
BIN
ucstudent/pl-presentation#2.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-presentation#3.pdf
Normal file
BIN
ucstudent/pl-presentation#3.pdf
Normal file
Binary file not shown.
BIN
ucstudent/pl-presentation#4.pdf
Normal file
BIN
ucstudent/pl-presentation#4.pdf
Normal file
Binary file not shown.
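--- a/ucstudent/pl-suricata on centos - installation notes.txt
+++ b/ucstudent/pl-suricata on centos - installation notes.txt
@@ -0,0 +1,83 @@
+
+# Installation of Suricata (CentOS 9) with support for the "nfq" module
+############################################################################
+
+##### Option 1: Install via YUM package manager
+yum install epel-release -y
+yum install suricata
+
+# Check that suricata has support for NFQ
+suricata --build-info | grep NFQ
+# Update rules
+suricata-update
+# Check configuration
+suricata -T -c /etc/suricata/suricata.yaml
+
+
+##### Option 2: Install from source
+##### Download and install required packages
+yum install epel-release -y
+dnf config-manager --set-enabled crb
+yum groupinstall "Development Tools" -y
+##### Download and install required packages
+yum install epel-release -y
+dnf config-manager --set-enabled crb
+yum groupinstall "Development Tools" -y
+
+yum install -y \
+libpcap-devel \
+pcre-devel \
+libyaml-devel \
+file-devel \
+jansson-devel \
+libcap-ng-devel \
+libnetfilter_queue-devel \
+libnfnetlink-devel \
+libnetfilter_queue \
+zlib-devel \
+pcre2-devel \
+rust cargo \
+wget \
+tar
+
+
+# Download the latest stable version of Suricata
+cd /usr/src/
+wget https://www.openinfosecfoundation.org/download/suricata-8.0.3.tar.gz
+tar zxvf suricata-8.0.3.tar.gz
+
+# Compile and install
+cd suricata-8.0.3/
+./configure --enable-nfqueue
+
+make -j$(nproc)
+make install
+make install-conf
+make install-rules
+ldconfig
+
+# Update rules
+/usr/local/bin/suricata-update
+
+
+##### Check configuration
+/usr/local/bin/suricata --build-info | grep NFQ
+suricata -T -c /usr/local/etc/suricata/suricata.yaml
+
+
+##### Example usage
+
+# Send packets to suricata via NFQUEUE
+iptables -A OUTPUT -j NFQUEUE --queue-num 0
+iptables -A INPUT -j NFQUEUE --queue-num 0
+
+# Run suricata in inline mode (queue 0)
+suricata -q 0 -c /usr/local/etc/suricata/suricata.yaml
+
+
+##### Check logs
+# Analisar alertas resumidos no ficheiro "fast.log"
+cat fast.log
+# Analisar informação detalhada dos ataques no formato JSON no ficheiro "eve.json"
+cat eve.json | jq 'select(.event_type=="alert")' | more
+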
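Review bot: Under "Example usage" the two `iptables -A ... -j NFQUEUE --queue-num 0` rules are added before `suricata -q 0` is started and without `--queue-bypass`, so while nothing is bound to queue 0 the kernel drops every packet that reaches them on INPUT and OUTPUT, which can include the SSH session used to type them. I would either move the `suricata -q 0 ...` line above the rules or write them as `iptables -A INPUT -j NFQUEUE --queue-num 0 --queue-bypass` (same for OUTPUT), with a comment that bypass means traffic passes uninspected while the engine is down. Separately, Option 2 downloads and builds the tarball as root with no integrity check; a step before `tar zxvf` that verifies the detached release signature, e.g. `gpg --verify suricata-8.0.3.tar.gz.sig suricata-8.0.3.tar.gz` against the OISF release key obtained from a trusted source, would close that gap. The final check in Option 2 also calls `suricata -T` by bare name while the neighbouring lines use `/usr/local/bin/suricata`, so it may test the Option 1 package binary if both are installed.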
BIN
ucstudent/pl0-praticas-apresentação.pdf
Normal file
BIN
ucstudent/pl0-praticas-apresentação.pdf
Normal file
Binary file not shown.
BIN
ucstudent/practical assignment 1.pdf
Normal file
BIN
ucstudent/practical assignment 1.pdf
Normal file
Binary file not shown.
BIN
ucstudent/support-vm_install_v2025-26.pdf
Normal file
BIN
ucstudent/support-vm_install_v2025-26.pdf
Normal file
Binary file not shown.
BIN
ucstudent/t0-apresentação.pdf
Normal file
BIN
ucstudent/t0-apresentação.pdf
Normal file
Binary file not shown.
BIN
ucstudent/t1-conceitos_seguranca.pdf
Normal file
BIN
ucstudent/t1-conceitos_seguranca.pdf
Normal file
Binary file not shown.
BIN
ucstudent/t2-firewalls and intrusion detection.pdf
Normal file
BIN
ucstudent/t2-firewalls and intrusion detection.pdf
Normal file
Binary file not shown.
BIN
ucstudent/t3-data integrity.pdf
Normal file
BIN
ucstudent/t3-data integrity.pdf
Normal file
Binary file not shown.
BIN
ucstudent/t4-symmetric encryption.pdf
Normal file
BIN
ucstudent/t4-symmetric encryption.pdf
Normal file
Binary file not shown.