Intrusion Detection and Prevention with Suricata: Cybersecurity Lab Scenario

"Explore a hands-on lab scenario for intrusion detection and prevention using Suricata in the realm of cybersecurity. Learn how to set up Suricata as an IDS and IPS to secure your network against various attacks."

  • Cybersecurity
  • Suricata
  • Lab Scenario
  • Intrusion Detection
  • Prevention

Presentation Transcript


  1. Cybersecurity (Security+) and P4 Programmable Switches
     Lab 14: Intrusion Detection and Prevention using Suricata
     Ali AlSabeh, Jorge Crichigno, University of South Carolina, http://ce.sc.edu/cyberinfra
     Western Academy Support and Training Center (WASTC), University of South Carolina (USC), Energy Sciences Network (ESnet)
     June 21st, 2023

  2. Lab 14: Intrusion Detection and Prevention using Suricata

  3. Attack Scenario
     • Using the BR/FW as a Suricata IDS to send alerts upon matching ICMP packets destined to the DNS server
     • Using the BR/FW as a Suricata IPS to drop ICMP packets destined to the mail server
     • Using the BR/FW as a Suricata IDS to send alerts upon matching TCP SYN packets destined to the DNS server
     • Using the BR/FW as a Suricata IPS to prevent a SYN flood attack against the DNS server

  4. Suricata as IDS for ICMP Alerts
     • Adding a new custom rule file to the Suricata configuration file
     • Adding a new rule to alert on ICMP packets destined to the DNS server

  5. Suricata as IPS for ICMP Drops
     • Adding a new rule to drop ICMP packets destined to the mail server
     • Pinging the DNS server
     • Pinging the mail server

  6. Suricata as IDS for TCP SYN Alerts
     • Adding a new custom rule file to the Suricata configuration file
     • Adding a new rule to alert on TCP SYN packets destined to the DNS server

  7. Suricata as IPS for TCP SYN Flood Attack
     • Adding a new rule to limit the rate of TCP SYN packets destined to the DNS server

  8. Suricata as IPS for TCP SYN Flood Attack
     • Inspecting the network usage on the DNS server under TCP SYN flood attack
     • Inspecting the network usage on the mail server under TCP SYN flood attack
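The four rules the slides describe (ICMP alert, ICMP drop, SYN alert, SYN rate limit), written out as an added example that is not taken from the lab material itself; the custom rule file name, the address-group names DNS_SERVER and MAIL_SERVER, the sample addresses and the 50-SYNs-per-second threshold are assumptions.

```suricata
# lab14-custom.rules  (added example; assumed file name)
# Register the file in suricata.yaml under "rule-files:" and define the address
# groups under "vars: address-groups:", for example (constructed addresses):
#   DNS_SERVER: "[192.0.2.53]"
#   MAIL_SERVER: "[192.0.2.25]"

# 1. IDS: alert on any ICMP packet destined to the DNS server
alert icmp any any -> $DNS_SERVER any (msg:"LAB14 ICMP to DNS server"; classtype:misc-activity; sid:1000001; rev:1;)

# 2. IPS: drop ICMP packets destined to the mail server
#    "drop" only takes effect when Suricata runs inline (IPS mode); in IDS mode the match is logged as an alert
drop icmp any any -> $MAIL_SERVER any (msg:"LAB14 ICMP to mail server dropped"; classtype:misc-activity; sid:1000002; rev:1;)

# 3. IDS: alert on TCP packets with only the SYN flag set (new connection attempts) destined to the DNS server
alert tcp any any -> $DNS_SERVER any (msg:"LAB14 TCP SYN to DNS server"; flags:S; flow:stateless; classtype:attempted-recon; sid:1000003; rev:1;)

# 4. IPS: rate limit. detection_filter lets the rule fire only after "count" matches within "seconds"
#    tracked per destination, so low-rate legitimate SYNs pass and a flood is throttled once the
#    threshold is crossed; tune count/seconds to the expected load of the protected server
drop tcp any any -> $DNS_SERVER any (msg:"LAB14 TCP SYN flood to DNS server"; flags:S; flow:stateless; detection_filter:track by_dst, count 50, seconds 1; classtype:attempted-dos; sid:1000004; rev:1;)
```

Suricata's default action order (pass, drop, reject, alert) means rule 4 drops a SYN before rule 3 alerts on it once the threshold is exceeded; run `suricata -T -c /etc/suricata/suricata.yaml` to validate the configuration and rule syntax before reloading.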
