Description

An example of snort++ (https://www.snort.org/snort3) network Intrusion Detection and Prevention System (IDS/IPS) deployed on an endpoint apache host.

In this setup the nfqueue (https://home.regit.org/netfilter-en/using-nfqueue-and-libnetfilter_queue/) iptables target is used to enable the intrusion prevention capability of snort, and the prometheus (https://prometheus.io/) time-series database is used for monitoring of snort alerts.

The setup combines vagrant (https://www.vagrantup.com) with jupyter (http://jupyter.org/) in order to achieve a "reproducible", executable documentation in the spirit of https://en.wikipedia.org/wiki/Literate_programming

Please go to vagrant-snort-nfqueue-tutorial-centos7.ipynb

Dependencies

None

License

BSD 2-clause

Name		Name	Last commit message	Last commit date
Latest commit History 34 Commits
.tito		.tito
ipynb		ipynb
spec		spec
LICENSE		LICENSE
README.md		README.md
Vagrantfile		Vagrantfile
configure_node_exporter_on_snort.sh		configure_node_exporter_on_snort.sh
configure_prometheus_on_monitor.sh		configure_prometheus_on_monitor.sh
copr-marcindulak-snort.repo		copr-marcindulak-snort.repo
node_exporter.json		node_exporter.json
pytbull_config.cfg		pytbull_config.cfg
snort-alert-count.py		snort-alert-count.py
snort-alert-count.service		snort-alert-count.service
snort-test-alert.service		snort-test-alert.service

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Uh oh!

Repository files navigation

Description

Dependencies

License

Todo

About

Uh oh!

Releases

Packages

Languages

Uh oh!

License

Uh oh!

marcindulak/vagrant-snort-nfqueue-tutorial-centos7

Folders and files

Latest commit

History

Repository files navigation

Description

Dependencies

License

Todo

About

Topics

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages