by Arround The Web

How to Install Suricata Intrusion Detection System on Linux Mint 21

Suricata is a tool for detecting threats and attacks on your network. You can also use it for other purposes, such as deep packet inspection and pattern matching. You can install Suricata on your Linux system by following the step-by-step guide explained in this article.

You can install the Suricata intrusion detection system on Linux Mint using the two methods mentioned below:

1: Install Suricata Intrusion Detection System Using GUI – Linux Mint

To install Suricata using the GUI, open the Software Manager, search for Suricata and click on the Install button.

2: Install Suricata Intrusion Detection System Using Terminal – Linux Mint

To install Suricata using the terminal, follow the steps mentioned below:

Step 1: First, add the repository by executing the command mentioned below:

$ sudo add-apt-repository ppa:oisf/suricata-stable

Step 2: Now install Suricata by running the apt command given below:

$ sudo apt install suricata

Step 3: To enable Suricata so that it starts at boot time, execute the command mentioned below:

$ sudo systemctl enable suricata.service

Step 4: To verify that the installation succeeded, execute the following command:

$ sudo suricata --build-info

Step 5: To make sure that the Suricata service is running, execute the following command:

$ sudo systemctl status suricata

Step 6: Next, to set up Suricata, open its configuration file, which is in the /etc/suricata folder, and then configure Suricata for your internal and external networks:

$ sudo vim /etc/suricata/suricata.yaml

Step 7: You can set Suricata rules according to your requirements. To see the rules that are already present, list the rules directory with the command mentioned below:

$ ls /etc/suricata/rules/

To install the Emerging Threats rules, run the command given below to update Suricata:

$ sudo suricata-update

Step 8: The rules will be installed to the directory /var/lib/suricata/rules/. Now restart the Suricata service by running the following command:

$ sudo systemctl restart suricata

To check the Suricata logs you can execute the command given below:

$ sudo tail /var/log/suricata/suricata.log
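
For Step 6, the excerpt below shows the keys in /etc/suricata/suricata.yaml that usually need attention. It is an added example, not part of the original guide; the subnet 192.168.1.0/24 and the interface name enp3s0 are assumed sample values to replace with your own.

```yaml
# /etc/suricata/suricata.yaml (excerpt; only the keys that usually need editing)
# The subnet and interface name below are constructed sample values.

vars:
  address-groups:
    # Packaged default, which covers every RFC 1918 range and is usually
    # broader than the network the sensor actually protects:
    # HOME_NET: "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]"
    # Narrowed to the monitored subnet (assumed value):
    HOME_NET: "[192.168.1.0/24]"
    # Everything that is not HOME_NET is treated as external.
    EXTERNAL_NET: "!$HOME_NET"

# Capture interface. The packaged file uses eth0; Linux Mint often names
# interfaces like enp3s0 or wlp2s0, so check `ip -br link` and use that name.
# If the name matches no real interface, Suricata has nothing to inspect.
af-packet:
  - interface: enp3s0
    cluster-id: 99
    cluster-type: cluster_flow
    defrag: yes

# Should point at the directory suricata-update writes to (see Step 8),
# with the merged rule file it produces listed under rule-files.
default-rule-path: /var/lib/suricata/rules
rule-files:
  - suricata.rules
```

After editing, `sudo suricata -T -c /etc/suricata/suricata.yaml` tests that the configuration and rules load, which is worth running before the restart in Step 8.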

To remove this tool, in case you installed it using the apt package manager, execute the following command in the terminal:

$ sudo apt remove --autoremove suricata

Conclusion

Suricata is a useful tool for your network security as it can detect threats and intrusions on your network. You can install Suricata either with the Software Manager of Linux Mint or with the apt package manager. You can install it and set it up according to your requirements by following the steps given in the guide above.


Source: linuxhint.com
