[Oisf-users] Suricata on DNS Sinkhole in IPS mode
Blason R
blason16 at gmail.com
Sun Mar 11 05:00:20 UTC 2018
Hi Team,
I am trying to install Suricata in IPS mode on CentOS 7. Below are the
challenges I am facing and need help
I have installed suricata using default RPM
Downloaded the rules
Now I need to start Suricata using default .yaml file,
1. Since CentOS7 has a different interface naming scheme how do I start
Suricata using systemctl?
2. How do I run Suricata in IPS mode to block malicious DNS queries?
3. How do I log DNS events in JSON so that those can be indexed in
elasticsearch?
TIA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180311/81a1b77f/attachment-0002.html>
More information about the Oisf-users
mailing list