Source: https://kifarunix.com/install-and-setup-suricata-on-ubuntu-18-04/
The simplest way to install Suricata is from a repository. To get the latest version, use the PPA repository, as follows:
sudo add-apt-repository ppa:oisf/suricata-stable
sudo apt update
Normal installation:
sudo apt -y install suricata
Installation with debugging enabled:
sudo apt -y install suricata-dbg
That completes the installation:
- The Suricata rules are in /etc/suricata/rules/
- The configuration file is /etc/suricata/suricata.yaml.
It is worth reading through the files in /etc/suricata/rules/
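A post-install check for the steps above, as an added example that is not part of the original page: it reads `apt-cache policy suricata` output to tell whether the installed package actually came from the OISF PPA rather than from the distribution archive, and confirms that the configuration file and rules directory exist. The function names, the `--live` switch and the sample output are assumptions made for this example.

```shell
#!/bin/sh
# Added example: verify package origin and file layout after installation.
PPA="ppa.launchpad.net/oisf/suricata-stable"

# Read `apt-cache policy suricata` output on stdin and print the origin of
# the installed version (the entry marked ***): ppa | other | not-installed
suricata_origin() {
    awk -v ppa="$PPA" '
        $1 == "Installed:" { installed = $2 }
        $1 == "***"        { cur = 1; next }    # entry for the installed version
        # source line: <priority> <url-or-path> ...
        $1 ~ /^[0-9]+$/ && $2 ~ /^(\/|[a-z]+:\/\/)/ {
            if (cur && index($2, ppa)) hit = 1
            next
        }
        NF == 2 && $2 ~ /^[0-9]+$/ { cur = 0 }  # entry for a different version
        END {
            if (installed == "" || installed == "(none)") print "not-installed"
            else if (hit) print "ppa"
            else print "other"
        }'
}

# Succeed only if the paths named on this page exist under ROOT (default /).
check_layout() {
    root="${1:-}"
    [ -f "$root/etc/suricata/suricata.yaml" ] && [ -d "$root/etc/suricata/rules" ]
}

# Sample output, constructed for this example: the PPA is configured, but the
# package that is actually installed is the older distribution build.
SAMPLE_DISTRO='suricata:
  Installed: 3.2-2ubuntu3
  Candidate: 4.1.2-0ubuntu6
  Version table:
     4.1.2-0ubuntu6 500
        500 http://ppa.launchpad.net/oisf/suricata-stable/ubuntu bionic/main amd64 Packages
 *** 3.2-2ubuntu3 500
        500 http://archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
        100 /var/lib/dpkg/status'

echo "sample origin: $(printf '%s\n' "$SAMPLE_DISTRO" | suricata_origin)"

# Run against the real system only when asked to.
if [ "${1:-}" = "--live" ]; then
    echo "origin: $(apt-cache policy suricata | suricata_origin)"
    check_layout && echo "config and rules present" || echo "config or rules missing"
fi
```

A result of `other` after adding the PPA usually means `sudo apt update` was skipped or the package was installed before the PPA was added.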