-
How to update scirius to 1.1.6? `apt-get update && apt-get upgrade && apt-get dist-upgrade` shows there is no update while I'm on 1.1.5
-
- Suricata version: `v7.0.1`
- Suricata runmode: nfqueue
- Suricata Exporter version: `v0.3.0`
After switching Suricata to NFQueue runmode the thread metrics are no longer collected. There are w…
-
Hi all,
After making some modifications to the logstash config, I proceeded with a `sudo rock restart` to restart all services and load the new configuration for logstash.
The ansible playbook seems to …
-
Hi guys,
I am using tikapy to gather alerts from the evebox api (suricata alerts) and then update an address-list in one or several mikrotiks to block the offending IP. I have run into an issue tha…
-
While I have some T-rex setups running with Intel XL710 to achieve 40G with one port I struggle with a 100G setup based on Mellanox ConnectX-6 cards.
So far OFED installation worked, T-Rex setup as…
norg updated
7 months ago
-
I have deployed several different honeypots on multiple hosts.
For some time everything worked fine, but right now no incoming attacks are shown in MHN.
Tcpdump on the mhn host and on a honeypot (…
-
First of all, Lulu is a great product and thanks for all your hard work.
I'm struggling to find a baseline list of "blocklist" and rules (ips, ports, destinations etc).
Would be great i…
-
https://suricata.io/2024/06/27/suricata-7-0-6-and-6-0-20-released/
-
Taking a quick look at your rules I see that you are using the local *sid* space. Before considering these rules for the Suricata Rule Index (https://github.com/OISF/suricata-intel-index), they should…
-
Hello,
I use netmap in conjunction with Suricata (IPS) under Linux.
Sporadically, the Ethernet interface used fails.
While troubleshooting, I found that in the function nm_dispatch ring->cur over…