Questions tagged [suricata]

I recently installed Suricata as an Intrusion Detection System on my Ubuntu-22.04 server. I setup Suricata following a tutorial on digital ocean (https://www.digitalocean.com/community/tutorials/how-to-install-suricata-on-ubuntu-20-04), using the…

I have an IDS setup as follow: Hardware / interfaces WAN <----(brwan)> ROUTER / AP <(br0)----> LAN \ -----(eth1)> | \ | IDS…

Do I have to enter the public IP of eth0 as HOME_NET in the suricata.yaml? vars: # more specific is better for alert accuracy and performance address-groups: HOME_NET: "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]" My understanding is that…

I have a reverseproxy that proxies HTTP/HTTPS traffic between webbservers and I have set up Suricata in order to find and block malicious traffic to it. Is there any way to trigger a alert via a CURL-request? Does the EICAR-test work? I have done…