Description

An example of snort++ (https://www.snort.org/snort3) network Intrusion Detection and Prevention System (IDS/IPS) deployed on an endpoint apache host.

In this setup the nfqueue (https://home.regit.org/netfilter-en/using-nfqueue-and-libnetfilter_queue/) iptables target is used to enable the intrusion prevention capability of snort, and the prometheus (https://prometheus.io/) time-series database is used for monitoring of snort alerts.

The setup combines vagrant (https://www.vagrantup.com) with jupyter (http://jupyter.org/) in order to achieve a "reproducible", executable documentation in the spirit of https://en.wikipedia.org/wiki/Literate_programming

Please go to vagrant-snort-nfqueue-tutorial-centos7.ipynb

Dependencies

None

License

BSD 2-clause

Name		Name	Last commit message	Last commit date
Latest commit History 34 Commits
.tito		.tito
ipynb		ipynb
spec		spec
LICENSE		LICENSE
README.md		README.md
Vagrantfile		Vagrantfile
configure_node_exporter_on_snort.sh		configure_node_exporter_on_snort.sh
configure_prometheus_on_monitor.sh		configure_prometheus_on_monitor.sh
copr-marcindulak-snort.repo		copr-marcindulak-snort.repo
node_exporter.json		node_exporter.json
pytbull_config.cfg		pytbull_config.cfg
snort-alert-count.py		snort-alert-count.py
snort-alert-count.service		snort-alert-count.service
snort-test-alert.service		snort-test-alert.service

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Description

Dependencies

License

Todo

About

Releases

Packages

Languages

License

marcindulak/vagrant-snort-nfqueue-tutorial-centos7

Folders and files

Latest commit

History

Repository files navigation

Description

Dependencies

License

Todo

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages