SNORT: Running as a daemon: Difference between revisions

From OnnoCenterWiki
Onnowpurbo (talk | contribs)
Latest revision as of 07:54, 11 May 2017

Use the -D switch if snort was installed with apt install. ASCII logging appears to make it easier for SNORT to detect attacks when we create local.rules.

ASCII logging

snort -c /etc/snort/snort.conf -l /var/log/snort/ -K ascii -D

Binary logging

snort -c /etc/snort/snort.conf -l /var/log/snort/ -b -D

or

/usr/sbin/snort -d -h 192.168.0.0/24 -l /var/log/snort/ -c /etc/snort/snort.conf -s -D 

or

/usr/sbin/snort -m 027 -D -d -l /var/log/snort \
    -u snort -g snort -c /etc/snort/snort.conf -S HOME_NET=[192.168.0.0/24] -i ens18


Use the full path so that snort can be restarted with the SIGHUP signal

/usr/local/bin/snort -d -h 192.168.1.0/24 \
     -l /var/log/snortlogs -c /usr/local/etc/snort.conf -s -D
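
The full-path requirement above can be checked before a reload. This is an added example, not part of the original wiki page: the function names, the `PROC_ROOT` override, and the PID file path in the usage comment are assumptions, and it relies on Linux `/proc`.

```sh
#!/bin/sh
# Added example (not from the wiki page): only send SIGHUP to a Snort
# daemon whose argv[0] is an absolute path, as the note above requires.
# Assumptions: Linux /proc; the caller supplies the PID file location.

# argv0_of CMDLINE_FILE: print the first NUL-terminated argument.
argv0_of() {
    tr '\000' '\n' < "$1" | head -n 1
}

# started_with_full_path CMDLINE_FILE: succeed only if argv[0] is absolute.
started_with_full_path() {
    case "$(argv0_of "$1")" in
        /*) return 0 ;;
        *)  return 1 ;;
    esac
}

# reload_snort PIDFILE
# Returns 0 after sending SIGHUP, 1 if the daemon was started with a
# relative path, 2 if the PID file or the process cannot be read.
reload_snort() {
    pidfile=$1
    [ -r "$pidfile" ] || { echo "no pid file: $pidfile" >&2; return 2; }
    pid=$(cat "$pidfile")
    case "$pid" in
        ''|*[!0-9]*) echo "bad pid in $pidfile" >&2; return 2 ;;
    esac
    # PROC_ROOT is a hypothetical override so the check can be tested offline.
    cmdline="${PROC_ROOT:-/proc}/$pid/cmdline"
    [ -r "$cmdline" ] || { echo "pid $pid is not running" >&2; return 2; }
    if started_with_full_path "$cmdline"; then
        kill -HUP "$pid"
    else
        echo "pid $pid started as '$(argv0_of "$cmdline")'; not sending SIGHUP" >&2
        return 1
    fi
}

# Usage (PID file path is an assumption; adjust to your system):
#   reload_snort /var/run/snort_ens18.pid
```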