[Oisf-users] Building a hardened Suricata IPS in Kali Linux 1.x/2.x

C. L. Martinez carlopmart at gmail.com
Thu Aug 6 21:54:43 UTC 2015


Hi all,

 Due to some needs, I have installed a Windows 10 Enterprise system on
an HP Microserver.

 I have added the Hyper-V role to this host and I have set up a Kali 2.x
VM. Now, my next step is to install Suricata as an IPS inside this VM
and inspect all traffic generated by Windows 10.

 Diagram:

Internet ------> Kali 2.x/Suricata IPS --------> Windows 10

OK, my doubts come with iptables. I know how to redirect all traffic
to Suricata, but I need to "harden" this Kali VM to act as a firewall and
IPS.

 Normally, I use BSD systems to accomplish this, and it is pretty easy
with PF, but with iptables I don't see it very clearly.

 Searching the web, I see a lot of tutorials about iptables, but only
using simple scenarios.

 Does anyone know of a good tutorial to accomplish this?

 My idea is to control ALL traffic that comes/goes to this Windows 10
host by using Suricata ....

