
Introduction to cybersecurity with suricata

License: BSD 3-Clause "New" or "Revised" License (BSD-3-Clause)

Contents

  1. Basic Linux Commands
  2. Computer Network Concepts
     2.1 Network Types
     2.2 Network Devices
     2.3 Cable Types
     2.4 General Terms
  3. Installing VMware
  4. Installing Kali Linux on VMware
  5. What are IPS and IDS?
     5.1 What is an IPS?
     5.2 IPS Classes
     5.3 What is an IDS?
     5.4 IDS Classes
     5.5 What is a Signature?
     5.6 Signature Alarms
     5.7 What are the differences between IPS and IDS?
     5.8 How to Bypass IDS and IPS?
  6. What is Suricata?
     6.1 What is Suricata?
     6.2 What is Suricata used for?
     6.3 Why choose Suricata?
  7. Suricata vs Snort
     7.1 Differences
     7.2 Malware Viruses/Test Cases
  8. Suricata Installation
  9. Suricata Rules
     9.1 Rule Format
     9.2 Meta Keywords
     9.3 IP Keywords
     9.4 TCP Keywords
     9.5 UDP Keywords
     9.6 ICMP Keywords
     9.7 Payload Keywords
     9.8 Transformations
     9.9 Prefiltering Keywords
     9.10 Flow Keywords
     9.11 Bypass Keyword
     9.12 HTTP Keywords
     9.13 File Keywords
     9.14 DNS Keywords
     9.15 SSL/TLS Keywords
     9.16 SSH Keywords
     9.17 SIP Keywords
     9.18 RFB Keywords
     9.19 MQTT Keywords
     9.20 HTTP2 Keywords
     9.21 Generic App Layer Keywords
     9.22 IP Reputation Keyword
  10. Testing Suricata with Basic Rules
     10.1 Example 1
     10.2 Example 2
  11. Suricata's Command Line Options
     11.1 What is a pcap?
     11.2 Unit Tests
  12. Packet Profiling
     12.1 Update Suricata from the Git Repository
     12.2 Wireshark
     12.3 Using Wireshark
     12.4 Suriwire
  13. Using Capture Hardware
     13.1 eBPF and XDP
     13.2 Setup Bypass
     13.3 Setup eBPF Filter
     13.4 Setup eBPF Bypass
  14. Splunk Free for Suricata
     14.1 What is Splunk?
     14.2 How does it work?
     14.3 Splunk installation on Kali
     14.4 How to use Splunk?
     14.5 Splunk for Suricata
     14.6 Search Details and Logs
  15. Suricata on pfSense
     15.1 What is pfSense?
     15.2 What is a firewall?
     15.3 What is a router?
     15.4 Installing pfSense on VMware
     15.5 Setting up Suricata on pfSense
     15.6 Checking the Config
  16. Malware & Malicious Traffic
     16.1 What is Malicious Traffic?
     16.2 Malicious Traffic Types
     16.3 How does Malicious Traffic work?
     16.4 Detecting Malicious Traffic
     16.5 Any.run
     16.6 Monitoring Network Traffic with Suricata and ClamAV