marcindulak/vagrant-snort-nfqueue-tutorial-centos7

Description

An example of snort++ (https://www.snort.org/snort3) network Intrusion Detection and Prevention System (IDS/IPS) deployed on an endpoint apache host.

In this setup the nfqueue (https://home.regit.org/netfilter-en/using-nfqueue-and-libnetfilter_queue/) iptables target is used to enable the intrusion prevention capability of snort, and the prometheus (https://prometheus.io/) time-series database is used for monitoring of snort alerts.

The setup combines vagrant (https://www.vagrantup.com) with jupyter (http://jupyter.org/) in order to achieve "reproducible", executable documentation in the spirit of literate programming (https://en.wikipedia.org/wiki/Literate_programming).

Please go to vagrant-snort-nfqueue-tutorial-centos7.ipynb

Dependencies

None

License

BSD 2-clause

Todo

About

A test setup of Snort combining Vagrant and Jupyter to produce fully executable documentation in the spirit of literate programming
