I had some trouble with Suricata as an IPS with WordPress and DokuWiki. My WordPress was unable to reach wordpress.org and my DokuWiki was unable to reach the plugin/extension store of DokuWiki. While I’m (still) not sure what exactly is causing this, I found a work-around for it.
Continue reading Your site is unable to reach wordpress.org or dokuwiki plugin store through suricata?

Tag: nids

Block Bogons with Suricata
I believe in my old blog I’ve shown how to block bogons with iptables and later with nftables. Here’s how to do it with Suricata.
Continue reading Block Bogons with Suricata

Create a suricata rules file using fail2ban
In my last posts I’ve shown a central syslog which feeds fail2ban, suricata as an intrusion prevention system (IPS) and here is the final piece which feeds suricata with the results of fail2ban by creating a .rules file for suricata-update.
Continue reading Create a suricata rules file using fail2ban

Working with suricata
This is a follow-up to my last post, in which I described how to set up Suricata as an IPS which bridges traffic between two interfaces using af-packet (and all that in a virtual machine). Here I’m showing how to work with Suricata in general – or rather – how I work with Suricata.
Continue reading Working with suricata

Setting up Suricata in Debian Bookworm running in KVM with af-packet as IPS
Suricata is a Network Intrusion Detection and Prevention System as well as a Network Security Monitoring engine. For now I am using Suricata as an IPS and here I’ll show you how to set it up.
Continue reading Setting up Suricata in Debian Bookworm running in KVM with af-packet as IPS