Network Security - Snort Command Collection

Rules path

    ls -l /etc/snort/rules/

ICMP detection rule

    # vi /etc/snort/rules/local.rules
    alert icmp any any -> any any (msg:"ICMP Detected";sid:1000001;)

Run Snort (Linux)

    snort -c /etc/snort/rules/local.rules -i eth0

Run Snort (Windows)

    snort -c c:\Snort\rules\local.rules -l C:\Snort\log\

Check the log (alert)

    tail -f /var/log/snort/alert

Reference: https://net123.tistory.com/580 (Snort - 04. Snort Rule Configuration and Testing)

2024. 3. 17.