suricata

Next Generation Intrusion Detection and Prevention Tool
  https://www.suricata-ids.org/



Suricata is a network Intrusion Detection System (IDS). It is rule-based (and fully compatible with Snort rules) and detects a variety of attacks and probes by searching packet content.

It can also be used as an Intrusion Prevention System (IPS) and as a higher-layer firewall.

This new engine supports multi-threading, automatic protocol detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB), gzip decompression, fast IP matching and, coming soon, hardware acceleration on CUDA and OpenCL GPU cards.

This version has inline (NFQUEUE) support enabled.
Latest reviews
5
AngryMos 5 years ago

Cool program. Version 4.1.3 is ready up to now. Just add its stable repository, the address is here: "https://suricata.readthedocs.io/en/suricata-4.1.2/install.html", and install the program. Some say Suricata doesn't start at boot. But it's wrong. Add it to system start-up with this command: "sudo /lib/systemd/systemd-sysv-install enable suricata". And don't forget to make your "rules" file! You can compile it from the huge pack of "rules" attached to the installation pack, or write it yourself.