
Initial Setup Suricata IDPS

Peter Manev edited this page Aug 16, 2017 · 8 revisions

Step 1

Edit /etc/suricata/suricata.yaml and adjust your HOME_NET and/or EXTERNAL_NET and other network variables as needed.
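
The network variables from Step 1 live under the vars section of suricata.yaml. The fragment below is an added example, not taken from the SELKS default file; the two networks in HOME_NET are constructed placeholders to replace with the ranges you actually monitor.

```yaml
# Constructed example of the vars section in /etc/suricata/suricata.yaml.
# 192.168.1.0/24 and 10.20.0.0/16 are placeholder networks; use your own.
vars:
  address-groups:
    # Networks you are protecting. Rules written as
    # "$EXTERNAL_NET any -> $HOME_NET any" only match when the destination
    # falls inside this list, so a wrong value silently hides alerts.
    HOME_NET: "[192.168.1.0/24,10.20.0.0/16]"

    # Everything that is not HOME_NET. Use "any" instead if you also want
    # such rules to match traffic between internal hosts.
    EXTERNAL_NET: "!$HOME_NET"

    # Server groups referenced by many rules; they follow HOME_NET here and
    # can be narrowed to the hosts that actually run each service.
    HTTP_SERVERS: "$HOME_NET"
    SMTP_SERVERS: "$HOME_NET"
    SQL_SERVERS: "$HOME_NET"
    DNS_SERVERS: "$HOME_NET"

  port-groups:
    # Ports that rules refer to by name.
    HTTP_PORTS: "80"
    SSH_PORTS: 22
```

After editing, running suricata -T -c /etc/suricata/suricata.yaml checks that the configuration still loads before the service is restarted.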

Step 2

You also need to set up Suricata to listen on (sniff traffic from) the correct interface. To do that, either double-click the Setup-IDS-Interface desktop icon or run the setup script on the command line:

root@SELKS:~# /opt/selks/Scripts/Setup/setup-selks-ids-interface.sh

Please supply a network interface to set up SELKS Suricata IDS inspection on
INTERFACE:
enp0s3

When prompted, enter the name of the interface you would like to use for sniffing.

Done.
