Posts

Showing posts from January, 2024

Suricata on Mikrotik(IDS+IPS) = Part 3 - Configuration of the IDS Part

Configuration Disclaimer: this walkthrough was done only on Ubuntu 18.04, logged in as the root user. In a real environment it is best not to run as root, but for the sake of testing I opted to run as root.

Configure the following on your MikroTik router so that it streams captured packets to the server:

    /tool sniffer set streaming-enabled=yes streaming-server=<ip_of_the_server>
    /tool sniffer set filter-ip-address=<an_example_filter_ip>
    tool sniffer print ; tool sniffer start ; tool sniffer stop

Let's start ...

1. Configure the correct time zone and NTP synchronization:

        systemctl start systemd-timesyncd
        systemctl status systemd-timesyncd
        dpkg-reconfigure tzdata

2. Add the Suricata PPA to the repository list:

        add-apt-repository ppa:oisf/suricata-stable

3. Update the package database:

        ...

Suricata on Mikrotik(IDS+IPS) = Part 2 - Illustration

Illustration

Internet - represents the external network where incoming and outgoing traffic flows.
Mikrotik - acts as the gateway between the internal network and the internet. It manages the routing of traffic, enforces network policies, and provides connectivity to the internal devices.
Suricata IDS/IPS - positioned within the internal network, Suricata monitors the traffic flowing between the firewall router and the internal devices. It analyzes this traffic for signs of malicious activities or security threats, providing an additional layer of security to the network.
Client - a device or software application that requests services or resources from a server.

Suricata on Mikrotik(IDS+IPS) = Part 1 - Introduction

What is Suricata? - It is a digital security guard for computer networks. It watches the flow of data moving through a network in real time to check for signs of cyber threats or unauthorized access. It can detect and prevent potential attacks, acting as a proactive defense system for keeping digital information safe.

Key Functions:
* IDS (Intrusion Detection System) - security technology that monitors network or system activities for signs of malicious behavior.
* IPS (Intrusion Prevention System) - security technology that monitors network or system activities in real time.

MikroTik: - is a Latvian company that develops network equipment and software. They are known for their routers, switches, and wireless systems, which are widely used in various networking applications.