31 lines
1.0 KiB
Plaintext
31 lines
1.0 KiB
Plaintext
Konfiguracja IDS i IPS w Suricata:
|
|
|
|
|
|
10.1.10.2. IDS mode
|
|
Runmode AutoFp:
|
|
|
|
management-cpu-set - used for management (example - flow.managers, flow.recyclers)
|
|
receive-cpu-set - used for receive and decode
|
|
worker-cpu-set - used for streamtcp,detect,output(logging),reject
|
|
Rumode Workers:
|
|
|
|
management-cpu-set - used for management (example - flow.managers, flow.recyclers)
|
|
worker-cpu-set - used for receive,streamtcp,decode,detect,output(logging),respond/reject
|
|
|
|
|
|
10.1.10.3. IPS mode
|
|
Runmode AutoFp:
|
|
|
|
management-cpu-set - used for management (example - flow.managers, flow.recyclers)
|
|
receive-cpu-set - used for receive and decode
|
|
worker-cpu-set - used for streamtcp,detect,output(logging)
|
|
verdict-cpu-set - used for verdict and respond/reject
|
|
Runmode Workers:
|
|
|
|
management-cpu-set - used for management (example - flow.managers, flow.recyclers)
|
|
worker-cpu-set - used for receive,streamtcp,decode,detect,output(logging),respond/reject, verdict
|
|
|
|
|
|
Źródło:
|
|
https://suricata.readthedocs.io/en/suricata-6.0.1/configuration/suricata-yaml.html
|