shadowbq
commented
8 years ago AWS does not a have a layer 2. You can not, you would need to route traffic through snort.. which is not what snort does.
Open jeewanthasas opened 8 years ago
shadowbq
commented
8 years ago AWS does not a have a layer 2. You can not, you would need to route traffic through snort.. which is not what snort does.
shadowbq
commented
8 years ago You could use suricate inline.. https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Setting_up_IPSinline_for_Linux
mihail-velikov
commented
7 years ago Yes, it is possible to setup Security Onion in AWS although it is in experimental state: https://github.com/Security-Onion-Solutions/security-onion/wiki/CloudClient
Can we setup Security Onion in Amazon AWS to monitor AWS instances?