Comments on How to Install Suricata IDS on Ubuntu 22.04

Suricata is a free and open-source network analysis and threat detection software developed by OISF. It can be used as an intrusion detection system (IDS) and an intrusion prevention system (IPS).


By: ASD

I really appreciated your article.

Do you think you can write an article about Suricata in IPS mode on OpenBSD as well?

Respectfully.

By: walthess

Mr. Jethva,

Thank you for this information. It is very helpful. I have a question that you might be able to provide some clarity on, please.

I have a couple of hundred entries in the fast.log that report "SURICATA GRE v0 recursion control [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {GRE} xxx.xx.xxx.xxx:0 -> xxx.xx.x.xx:0", where the 1st IP is a WAP on my network and the 2nd IP is the Aruba controller it connects to.

How would/should I tell Suricata to ignore this traffic because it is the normal function of these devices? Or can I even do that?

Thank you for any assistance.