[Oisf-users] Help for Suricata Configuration
Victor Julien
victor at inliniac.net
Fri Nov 11 15:49:22 UTC 2011
On 11/11/2011 04:37 PM, Wenji Wu wrote:
> Folks,
>
> I am new here. Could anybody help me out with Suricata configuration?
>
> Suricata's website posts links to public data sets. Where can I find the
> related configuration files such as classification.config,
> reference.config, suricata.yaml?
>
> I mean how can I set up the following parameters in suricata.yaml:
>
> HOME_NET:
>
> EXTERNAL_NET:
>
> HTTP_SERVERS: "$HOME_NET"
>
> SMTP_SERVERS: "$HOME_NET"
>
> SQL_SERVERS: "$HOME_NET"
>
> DNS_SERVERS: "$HOME_NET"
>
> TELNET_SERVERS: "$HOME_NET"
>
> AIM_SERVERS: any
>
>
In general, check our wiki:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki
More specifically, look at the basic setup:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Basic_Setup
The suricata.yaml docs:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricatayaml
And probably the rule management is useful as well:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Rule_Management_with_Oinkmaster
Hope this helps!
Cheers,
Victor
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------