{"id":15374,"date":"2024-01-11T13:47:22","date_gmt":"2024-01-11T10:17:22","guid":{"rendered":"https:\/\/rasanegar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/"},"modified":"2024-01-11T13:47:22","modified_gmt":"2024-01-11T10:17:22","slug":"%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8","status":"publish","type":"post","link":"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/","title":{"rendered":"\u0631\u0648\u0634 \u0646\u0635\u0628 Suricata \u0631\u0648\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0628\u0631\u0627\u06cc \u0627\u06cc\u0645\u0646 \u06a9\u0631\u062f\u0646 \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\"><p class=\"ez-toc-title\" style=\"cursor:inherit\">\u0633\u0631\u0641\u0635\u0644\u0647\u0627\u06cc \u0645\u0637\u0644\u0628<\/p>\n<\/div><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#%d9%be%db%8c%d8%b4_%d9%86%db%8c%d8%a7%d8%b2%d9%87%d8%a7\" >\u067e\u06cc\u0634 \u0646\u06cc\u0627\u0632\u0647\u0627<\/a><\/li><li class='ez-toc-page-1 
ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#%d8%b1%d9%88%d8%b4_%d9%86%d8%b5%d8%a8_suricata_%d8%b1%d9%88%db%8c_%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88\" >\u0631\u0648\u0634 \u0646\u0635\u0628 Suricata \u0631\u0648\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#1_%d8%a8%d8%b3%d8%aa%d9%87_%d9%87%d8%a7%db%8c_%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88_%d8%b1%d8%a7_%d8%a8%d9%87_%d8%b1%d9%88%d8%b2_%da%a9%d9%86%db%8c%d8%af\" >1. \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#2_suricata_%d8%b1%d8%a7_%d9%86%d8%b5%d8%a8_%da%a9%d9%86%db%8c%d8%af\" >2. 
Suricata \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#3_suricata_%d8%b1%d8%a7_%d9%be%db%8c%da%a9%d8%b1%d8%a8%d9%86%d8%af%db%8c_%da%a9%d9%86%db%8c%d8%af\" >3. Suricata \u0631\u0627 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#4_%d8%b1%d8%a7%d8%a8%d8%b7_%d9%87%d8%a7%db%8c_%d8%b4%d8%a8%da%a9%d9%87_%d8%b1%d8%a7_%d9%81%d8%b9%d8%a7%d9%84_%da%a9%d9%86%db%8c%d8%af\" >4. \u0631\u0627\u0628\u0637 \u0647\u0627\u06cc \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#5_suricata_%d8%b1%d8%a7_%d8%b4%d8%b1%d9%88%d8%b9_%da%a9%d9%86%db%8c%d8%af\" >5. 
Suricata \u0631\u0627 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#6_%d8%b1%d8%a7%d9%87_%d8%a7%d9%86%d8%af%d8%a7%d8%b2%db%8c_suricata_%d8%b1%d8%a7_%d8%ae%d9%88%d8%af%da%a9%d8%a7%d8%b1_%da%a9%d9%86%db%8c%d8%af\" >6. \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc Suricata \u0631\u0627 \u062e\u0648\u062f\u06a9\u0627\u0631 \u06a9\u0646\u06cc\u062f<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#7_%d8%aa%d8%b3%d8%aa_%d8%b9%d9%85%d9%84%da%a9%d8%b1%d8%af_suricata\" >7. \u062a\u0633\u062a \u0639\u0645\u0644\u06a9\u0631\u062f Suricata<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#8_%d9%82%d9%88%d8%a7%d9%86%db%8c%d9%86_suricata_%d8%b1%d8%a7_%d8%a8%d9%87_%d8%b1%d9%88%d8%b2_%da%a9%d9%86%db%8c%d8%af\" >8. 
\u0642\u0648\u0627\u0646\u06cc\u0646 Suricata \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/rasanegaar.com\/blog\/%d8%b1%d9%88%d8%b4-%d9%86%d8%b5%d8%a8-suricata-%d8%b1%d9%88%db%8c-%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88-%d8%a8%d8%b1%d8%a7%db%8c-%d8%a7%db%8c%d9%85%d9%86-%da%a9%d8%b1%d8%af%d9%86-%d8%b4%d8%a8\/#%d9%86%d8%aa%db%8c%d8%ac%d9%87\" >\u0646\u062a\u06cc\u062c\u0647<\/a><\/li><\/ul><\/nav><\/div>\n<span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">\u0632\u0645\u0627\u0646 \u0644\u0627\u0632\u0645 \u0628\u0631\u0627\u06cc \u0645\u0637\u0627\u0644\u0639\u0647: <\/span> <span class=\"rt-time\"> 10<\/span> <span class=\"rt-label rt-postfix\">\u062f\u0642\u06cc\u0642\u0647<\/span><\/span><p> <br \/>\n<\/p>\n<div class=\"post-content\">\n<p>\u0633\u06cc\u0633\u062a\u0645 \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 (IDS) \u0648 \u0633\u06cc\u0633\u062a\u0645 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 (IPS) \u0628\u0647 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 \u0645\u062c\u0631\u0645\u0627\u0646 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0628\u0647 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u06a9\u0645\u06a9 \u0645\u06cc \u06a9\u0646\u062f.  
\u0627\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0647\u200c\u0637\u0648\u0631 \u062e\u0648\u062f\u06a9\u0627\u0631 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0631\u0627 \u062d\u0630\u0641 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u0648 \u0628\u0647 \u0645\u062d\u0636 \u06cc\u0627\u0641\u062a\u0646 \u06cc\u06a9 \u0641\u0639\u0627\u0644\u06cc\u062a \u0645\u062e\u0631\u0628\u060c \u0647\u0634\u062f\u0627\u0631\u0647\u0627 \u0631\u0627 \u0631\u0627\u0647\u200c\u0627\u0646\u062f\u0627\u0632\u06cc \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f.<\/p>\n<p>\u062f\u0631 \u06cc\u06a9 \u0633\u0631\u0648\u0631 \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 (VPS)\u060c Suricata \u06cc\u06a9 \u0631\u0627\u0647 \u062d\u0644 \u0645\u062d\u0628\u0648\u0628 IDS \u0648 IPS \u0627\u0633\u062a.  \u0627\u06cc\u0646 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u0628\u0648\u062f\u0646\u060c \u0628\u0631\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 \u0627\u0632 \u062c\u0645\u0644\u0647 \u0648\u06cc\u0646\u062f\u0648\u0632 \u0648 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0627\u0633\u062a.<\/p>\n<p>\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0642\u0627\u0644\u0647 \u0631\u0648\u0634 \u0646\u0635\u0628 Suricata \u0631\u0627 \u062a\u0648\u0636\u06cc\u062d \u0645\u06cc \u062f\u0647\u06cc\u0645 \u0631\u0648\u06cc \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0628\u0631\u0627\u06cc \u06a9\u0645\u06a9 \u0628\u0647 \u0628\u0647\u0628\u0648\u062f \u0627\u0645\u0646\u06cc\u062a \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627.  
\u0647\u0645\u0686\u0646\u06cc\u0646 \u06cc\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u062f \u06af\u0631\u0641\u062a \u06a9\u0647 \u0686\u06af\u0648\u0646\u0647 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u067e\u06cc\u0634\u200c\u0641\u0631\u0636 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f \u0648 \u0642\u0648\u0627\u0646\u06cc\u0646 \u062a\u0634\u062e\u06cc\u0635 \u062c\u062f\u06cc\u062f \u0631\u0627 \u0645\u062a\u0646\u0627\u0633\u0628 \u0628\u0627 \u0634\u06cc\u0648\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc VPS \u062e\u0648\u062f \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0646\u06cc\u062f.<\/p>\n<div class=\"wp-block-image\">\n<\/div>\n<h2 class=\"wp-block-heading\" id=\"h-prerequisites\"><span class=\"ez-toc-section\" id=\"%d9%be%db%8c%d8%b4_%d9%86%db%8c%d8%a7%d8%b2%d9%87%d8%a7\"><\/span><span class=\"ez-toc-section\" id=\"Prerequisites\"><\/span>\u067e\u06cc\u0634 \u0646\u06cc\u0627\u0632\u0647\u0627<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u0627\u06af\u0631\u0686\u0647 Suricata \u062d\u062f\u0627\u0642\u0644 \u0646\u06cc\u0627\u0632\u0647\u0627\u06cc \u0633\u062e\u062a \u0627\u0641\u0632\u0627\u0631\u06cc \u062e\u0648\u062f \u0631\u0627 \u0630\u06a9\u0631 \u0646\u0645\u06cc \u06a9\u0646\u062f\u060c \u0645\u0627 \u062d\u062f\u0627\u0642\u0644 \u0622\u0646 \u0631\u0627 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645 <strong>2 \u0633\u06cc \u067e\u06cc \u06cc\u0648<\/strong> \u0647\u0633\u062a\u0647 \u0647\u0627 \u0648 <strong>4 \u06af\u06cc\u06af\u0627\u0628\u0627\u06cc\u062a<\/strong> \u0631\u0645 \u0628\u0631\u0627\u06cc \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0627\u0632 \u0639\u0645\u0644\u06a9\u0631\u062f \u0628\u0647\u06cc\u0646\u0647<\/p>\n<p>\u0627\u06af\u0631 \u0628\u0631\u0646\u0627\u0645\u0647 \u0645\u06cc\u0632\u0628\u0627\u0646\u06cc VPS \u0646\u062f\u0627\u0631\u06cc\u062f\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc 
\u06a9\u0646\u06cc\u0645 \u0628\u0627 \u0622\u0646 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f <strong>\u0647\u0627\u0633\u062a\u06cc\u0646\u06aferKVM 2<\/strong> \u0628\u0631\u0646\u0627\u0645\u0647 \u0631\u06cc\u0632\u06cc \u0648 \u0627\u0631\u062a\u0642\u0627\u0621 \u062f\u0631 \u0635\u0648\u0631\u062a \u0646\u06cc\u0627\u0632.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644\u060c \u0645\u0637\u0645\u0626\u0646 \u0634\u0648\u06cc\u062f \u06a9\u0647 VPS \u0634\u0645\u0627 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u062f <strong>\u0627\u0648\u0628\u0648\u0646\u062a\u0648 22.04<\/strong> \u0648 \u06cc\u0627 \u0628\u0639\u062f.  \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0642\u062f\u06cc\u0645\u06cc\u200c\u062a\u0631 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0628\u0627 \u0622\u062e\u0631\u06cc\u0646 \u0646\u0633\u062e\u0647 Suricata \u0646\u0627\u0633\u0627\u0632\u06af\u0627\u0631 \u0628\u0627\u0634\u0646\u062f.<\/p>\n<p>\u0647\u0627\u0633\u062a\u06cc\u0646\u06afer  \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0645\u06cc \u062a\u0648\u0627\u0646\u0646\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u0646\u062f <strong>hPanel<\/strong>\u0646\u0635\u0628 \u06a9\u0646\u0646\u062f\u0647 \u0628\u0627 \u06cc\u06a9 \u06a9\u0644\u06cc\u06a9 \u0628\u0631\u0627\u06cc \u062c\u0627\u0628\u062c\u0627\u06cc\u06cc \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.  
\u0628\u0631\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u0627\u06cc\u0646 \u06a9\u0627\u0631\u060c \u0628\u0647 \u0645\u0633\u06cc\u0631 \u062e\u0648\u062f \u0628\u0631\u0648\u06cc\u062f <strong>\u0646\u0645\u0627\u06cc \u06a9\u0644\u06cc VPS<\/strong> \u0646\u0648\u0627\u0631 \u06a9\u0646\u0627\u0631\u06cc \u0645\u0646\u0648 \u2192 <strong>\u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0648 \u067e\u0646\u0644<\/strong> \u2192 <strong>\u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644<\/strong> \u2192 <strong>\u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0633\u0627\u062f\u0647<\/strong>.  \u0622\u062e\u0631\u06cc\u0646 \u0646\u0633\u062e\u0647 \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0631\u0627 \u0627\u0646\u062a\u062e\u0627\u0628 \u06a9\u0631\u062f\u0647 \u0648 \u06a9\u0644\u06cc\u06a9 \u06a9\u0646\u06cc\u062f <strong>\u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f<\/strong>.<\/p>\n<div class=\"wp-block-image\">\n<\/div>\n<p>\u0646\u0635\u0628 Suricata \u0646\u06cc\u0632 \u0646\u06cc\u0627\u0632 \u062f\u0627\u0631\u062f root \u06cc\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a superuser \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0644\u06cc\u0646\u0648\u06a9\u0633.  
\u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0645\u0633\u0627\u0626\u0644 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0645\u062c\u0648\u0632 \u0648 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0627\u0632 \u0631\u0648\u0627\u0646 \u0628\u0648\u062f\u0646 command-line \u0646\u0635\u0628 \u0648 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc process\u060c \u06cc\u06a9 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u0647 \u0645\u06cc\u0632\u0628\u0627\u0646 VPS \u0628\u0627 \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0645\u0644 \u0628\u0647 \u0633\u0631\u0648\u0631 \u0627\u0646\u062a\u062e\u0627\u0628 \u06a9\u0646\u06cc\u062f\u060c \u0645\u0627\u0646\u0646\u062f \u0647\u0627\u0633\u062a\u06cc\u0646\u06afer.<\/p>\n<p>\u062c\u062f\u0627\u06cc \u0627\u0632 \u0633\u0627\u0632\u06af\u0627\u0631\u06cc \u06af\u0633\u062a\u0631\u062f\u0647\u060c \u0628\u0647\u062a\u0631\u06cc\u0646 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0645\u06cc\u0632\u0628\u0627\u0646\u06cc VPS \u0628\u0627\u06cc\u062f \u0622\u067e\u062a\u0627\u06cc\u0645 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0648 \u0648\u06cc\u0698\u06af\u06cc \u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 \u0631\u0627 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f.  
\u0645\u062b\u0644\u0627\u060c \u0647\u0627\u0633\u062a\u06cc\u0646\u06afer \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f<strong> \u062f\u0633\u062a\u06cc\u0627\u0631 \u0647\u0648\u0634 \u0645\u0635\u0646\u0648\u0639\u06cc<\/strong>\u060c \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u0648\u0638\u0627\u06cc\u0641 \u0631\u0627 \u0628\u0627 \u0648\u0627\u0631\u062f \u06a9\u0631\u062f\u0646 \u0627\u0639\u0644\u0627\u0646 \u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 \u0647\u0648\u0634 \u0645\u0635\u0646\u0648\u0639\u06cc \u0628\u0631\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a VPS \u0633\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.<\/p>\n<p>\u0645\u0627 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u06cc\u0645 <strong>\u0645\u0631\u0648\u0631\u06af\u0631 terminal<\/strong>  \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u0628\u062f\u0648\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06a9\u0644\u0627\u06cc\u0646\u062a SSH \u0645\u0627\u0646\u0646\u062f PuTTY \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0645\u062a\u0635\u0644 \u0634\u0648\u06cc\u062f.  
\u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 VPS \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631\u060c \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631 \u0648\u0631\u0648\u062f \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u062f\u0631 \u0645\u0646\u0648\u06cc \u0646\u0645\u0627\u06cc \u06a9\u0644\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f <strong>\u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 SSH<\/strong> \u0628\u0631\u06af\u0647<\/p>\n<div>\n<p class=\"important\"><strong>\u0645\u0647\u0645!<\/strong> \u0628\u0647 \u0637\u0648\u0631 \u067e\u06cc\u0634 \u0641\u0631\u0636\u060c \u0634\u0645\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06a9\u0627\u0631\u0628\u0631 root \u0648\u0627\u0631\u062f \u0645\u06cc \u0634\u0648\u06cc\u062f.  \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645 \u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0627\u062c\u0631\u0627\u06cc \u062a\u0635\u0627\u062f\u0641\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0645\u062e\u0631\u0628\u060c \u0628\u0647 \u062d\u0633\u0627\u0628 \u062f\u06cc\u06af\u0631\u06cc \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0633\u0648\u067e\u0631\u06a9\u0627\u0631\u0628\u0631 \u0633\u0648\u0626\u06cc\u0686 \u06a9\u0646\u06cc\u062f.<\/p>\n<\/div>\n<p>\u0647\u0645\u0647 \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0645\u06cc\u0632\u0628\u0627\u0646\u06cc VPS \u0645\u0627 \u06cc\u06a9<strong> \u06af\u0627\u0631\u0627\u0646\u062a\u06cc 99.9% \u0622\u067e\u062a\u0627\u06cc\u0645<\/strong> \u0648 \u0627\u0644\u0641 <strong>\u0628\u0627 \u0636\u0645\u0627\u0646\u062a \u0628\u0631\u06af\u0634\u062a 30 \u0631\u0648\u0632\u0647 \u067e\u0648\u0644<\/strong>.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-how-to-install-suricata-on-ubuntu\"><span class=\"ez-toc-section\" 
id=\"%d8%b1%d9%88%d8%b4_%d9%86%d8%b5%d8%a8_suricata_%d8%b1%d9%88%db%8c_%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88\"><\/span><span class=\"ez-toc-section\" id=\"How_to_Install_Suricata_on_Ubuntu\"><\/span>\u0631\u0648\u0634 \u0646\u0635\u0628 Suricata \u0631\u0648\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>\u062f\u0631 \u0627\u06cc\u0646 \u0642\u0633\u0645\u062a \u0645\u0631\u0627\u062d\u0644 \u0646\u0635\u0628 Suricata \u0631\u0627 \u062a\u0648\u0636\u06cc\u062d \u0645\u06cc \u062f\u0647\u06cc\u0645 \u0631\u0648\u06cc \u06cc\u06a9 VPS \u062f\u0631 \u062d\u0627\u0644 \u0627\u062c\u0631\u0627 <strong>\u0627\u0648\u0628\u0648\u0646\u062a\u0648 22.04<\/strong>.  \u0627\u06af\u0631 \u0645\u06cc \u062e\u0648\u0627\u0647\u06cc\u062f \u0622\u0646 \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f \u0631\u0648\u06cc \u06cc\u06a9 \u062f\u0631\u0648\u0627\u0632\u0647 host \u0628\u0631\u0627\u06cc \u0627\u0633\u06a9\u0646 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0648\u0631\u0648\u062f\u06cc \u0648 \u062e\u0631\u0648\u062c\u06cc \u0634\u0628\u06a9\u0647 \u060c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0628\u0647 \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u0627\u0636\u0627\u0641\u06cc \u0645\u0627\u0646\u0646\u062f \u0627\u0635\u0644\u0627\u062d \u0642\u0648\u0627\u0646\u06cc\u0646 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0646\u06cc\u0627\u0632 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f.<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-1-update-ubuntu-packages\"><span class=\"ez-toc-section\" id=\"1_%d8%a8%d8%b3%d8%aa%d9%87_%d9%87%d8%a7%db%8c_%d8%a7%d9%88%d8%a8%d9%88%d9%86%d8%aa%d9%88_%d8%b1%d8%a7_%d8%a8%d9%87_%d8%b1%d9%88%d8%b2_%da%a9%d9%86%db%8c%d8%af\"><\/span><span class=\"ez-toc-section\" id=\"1_Update_Ubuntu_Packages\"><\/span>1. 
\u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0642\u0628\u0644 \u0627\u0632 \u0646\u0635\u0628 Suricata \u060c APT \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0622\u062e\u0631\u06cc\u0646 \u0646\u0633\u062e\u0647 \u0645\u062d\u0644\u06cc \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u0645\u06cc \u06a9\u0646\u06cc\u062f.  \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u0647\u0645\u0686\u0646\u06cc\u0646 \u062c\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u062a\u06a9\u0647 \u0647\u0627 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0633\u0627\u06cc\u0631 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0628\u0631\u0627\u06cc \u06a9\u0645\u06a9 \u0628\u0647 \u0628\u0647\u0628\u0648\u062f \u0627\u0645\u0646\u06cc\u062a \u0648 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0645\u0634\u06a9\u0644\u0627\u062a \u0646\u0627\u0633\u0627\u0632\u06af\u0627\u0631\u06cc \u0627\u0639\u0645\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u0644\u06cc\u0633\u062a \u0628\u0647 \u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0628\u0633\u062a\u0647 \u0628\u0646\u062f\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u0645\u062e\u0632\u0646 APT \u062e\u0648\u062f \u060c \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo apt update<\/pre>\n<p>\u0628\u0647 \u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0647\u0645\u0647 \u0628\u0633\u062a\u0647 
\u0647\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u062f\u0633\u062a\u0648\u0631 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo apt upgrade<\/pre>\n<p>\u0631\u0627 process \u0628\u0633\u062a\u0647 \u0628\u0647 \u0627\u06cc\u0646\u06a9\u0647 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0686\u0646\u062f \u062f\u0642\u06cc\u0642\u0647 \u06cc\u0627 \u0686\u0646\u062f \u0633\u0627\u0639\u062a \u0637\u0648\u0644 \u0628\u06a9\u0634\u062f \u0631\u0648\u06cc \u0627\u0646\u062f\u0627\u0632\u0647 \u06a9\u0644 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0648 \u0633\u0631\u0639\u062a \u0627\u06cc\u0646\u062a\u0631\u0646\u062a \u0634\u0645\u0627.<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-2-install-suricata\"><span class=\"ez-toc-section\" id=\"2_suricata_%d8%b1%d8%a7_%d9%86%d8%b5%d8%a8_%da%a9%d9%86%db%8c%d8%af\"><\/span><span class=\"ez-toc-section\" id=\"2_Install_Suricata\"><\/span>2. 
Suricata \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0631\u0648\u0634 \u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641\u06cc \u0628\u0631\u0627\u06cc \u0646\u0635\u0628 Suricata \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u0631\u0648\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648  \u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634 \u060c \u0633\u0647 \u0631\u0627\u0647 \u0645\u0634\u062a\u0631\u06a9 \u0631\u0627 \u0627\u0632 \u0633\u0627\u062f\u0647 \u062a\u0631\u06cc\u0646 \u0634\u0631\u0648\u0639 \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f.<\/p>\n<p><strong>Suricata \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 APT \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f<\/strong><\/p>\n<p>\u0628\u0631\u0627\u06cc \u0646\u0635\u0628 Suricata \u0627\u0632 \u0627\u06cc\u0646 \u062f\u0633\u062a\u0648\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f \u0631\u0648\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u062e\u0632\u0646 \u0645\u062d\u0644\u06cc APT:<\/p>\n<pre class=\"wp-block-preformatted\">sudo apt install -y suricata<\/pre>\n<p>\u0628\u0631\u0627\u06cc \u062a\u0623\u06cc\u06cc\u062f \u0627\u06cc\u0646\u06a9\u0647 \u0622\u06cc\u0627 Suricata \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0646\u0635\u0628 \u0634\u062f\u0647 \u0627\u0633\u062a \u060c \u0634\u0645\u0627\u0631\u0647 \u0646\u0633\u062e\u0647 \u0622\u0646 \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u062f\u0633\u062a\u0648\u0631 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">suricata -V<\/pre>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"778\" height=\"44\" 
src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" alt=\"\u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0634\u0645\u0627\u0631\u0647 \u0646\u0633\u062e\u0647 Suricata \u0646\u0635\u0628 \u0634\u062f\u0647 \u0631\u0627 \u0628\u0631\u0645\u06cc \u06af\u0631\u062f\u0627\u0646\u062f\" class=\"wp-image-101641\" srcset=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp 778w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-returns-installed-suricata-version-number-300x17.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-returns-installed-suricata-version-number-150x8.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-returns-installed-suricata-version-number-768x43.webp 768w\" sizes=\"(max-width: 778px) 100vw, 778px\" title=\"\"><\/figure>\n<\/div>\n<div>\n<p class=\"important\"><strong>\u0645\u0647\u0645!<\/strong> \u0647\u0646\u06af\u0627\u0645 \u0648\u0627\u0631\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0627\u0632 \u062f\u0631\u0633\u062a\u06cc \u062d\u0631\u0648\u0641 \u0628\u0632\u0631\u06af \u0648 \u06a9\u0648\u0686\u06a9 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u06a9\u0646\u06cc\u062f \u0632\u06cc\u0631\u0627 \u0628\u0647 \u0628\u0632\u0631\u06af\u06cc \u0648 \u06a9\u0648\u0686\u06a9\u06cc \u062d\u0631\u0648\u0641 \u062d\u0633\u0627\u0633 \u0647\u0633\u062a\u0646\u062f.<\/p>\n<\/div>\n<p>\u06cc\u0627 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0646\u0635\u0628 \u0634\u062f\u0647 
\u0631\u0627 \u0641\u0647\u0631\u0633\u062a \u06a9\u0646\u06cc\u062f \u0631\u0648\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0633\u062a\u0648\u0631 <strong>apt list<\/strong> \u0648 \u0641\u06cc\u0644\u062a\u0631 Suricata \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 <strong>grep <\/strong>\u0645\u0627\u0646\u0646\u062f \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631:<\/p>\n<pre class=\"wp-block-preformatted\">sudo apt list --installed | grep suricata<\/pre>\n<p>\u062a\u0648\u062c\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0631\u0648\u0634 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0627\u0632 \u0632\u0645\u0627\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0645\u062e\u0632\u0646 \u0645\u062d\u0644\u06cc APT Package Manager \u060c \u0646\u0633\u062e\u0647 \u0642\u062f\u06cc\u0645\u06cc \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u062f.<\/p>\n<p><strong>Suricata \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0628\u0627\u06cc\u0646\u0631\u06cc \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f<\/strong><\/p>\n<p>\u0628\u0631\u0627\u06cc \u0646\u0635\u0628 \u0622\u062e\u0631\u06cc\u0646 \u0646\u0633\u062e\u0647 \u067e\u0627\u06cc\u062f\u0627\u0631\u060c import \u0631\u0627 <a href=\"https:\/\/suricata.io\/our-story\/oisf\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" link=\"external\" class=\"broken_link\">\u0628\u0646\u06cc\u0627\u062f \u0627\u0645\u0646\u06cc\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u0627\u0632 (OISF)<\/a> \u0645\u062e\u0632\u0646 \u0627\u0632 \u0633\u0631\u0648\u0631 Suricata.  
\u0628\u0631\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u0627\u06cc\u0646 \u06a9\u0627\u0631\u060c \u0627\u06cc\u0646 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo apt install software-properties-common<\/pre>\n<pre class=\"wp-block-preformatted\">sudo add-apt-repository ppa:oisf\/suricata-stable<\/pre>\n<p>\u0627\u06af\u0631 \u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u062a\u0623\u06cc\u06cc\u062f \u0628\u062e\u0648\u0627\u0647\u062f\u060c \u06a9\u0644\u06cc\u062f <strong>Enter<\/strong> \u0631\u0627 \u0641\u0634\u0627\u0631 \u062f\u0647\u06cc\u062f.  \u067e\u0633 \u0627\u0632 \u0648\u0627\u0631\u062f \u06a9\u0631\u062f\u0646 \u0645\u062e\u0632\u0646 \u060c APT \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f \u0648 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u0628\u0627 \u0627\u06cc\u0646 \u062f\u0633\u062a\u0648\u0631 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo apt install suricata<\/pre>\n<p>\u0627\u06af\u0631 \u0627\u0632 \u062f\u06cc\u06af\u0631 \u0645\u0634\u062a\u0642\u0627\u062a \u062f\u0628\u06cc\u0627\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u062f\u060c \u0627\u0632 \u0645\u062e\u0632\u0646 backports \u0628\u0631\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0622\u062e\u0631\u06cc\u0646 \u0646\u0633\u062e\u0647 \u067e\u0627\u06cc\u062f\u0627\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.  
\u0631\u062c\u0648\u0639 \u0628\u0647 <a href=\"https:\/\/docs.suricata.io\/en\/latest\/install.html#debian\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-wpel-link=\"external\">\u0631\u0627\u0647\u0646\u0645\u0627\u06cc \u0646\u0635\u0628 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0628\u0627\u06cc\u0646\u0631\u06cc Suricata<\/a> \u0628\u0631\u0627\u06cc \u06a9\u0633\u0628 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0646.<\/p>\n<p><strong>\u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Suricata \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f Source \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u062a\u0648\u0632\u06cc\u0639<\/strong><\/p>\n<p>\u062a\u0646\u0638\u06cc\u0645 Suricata \u0627\u0632 \u067e\u0631\u0648\u0646\u062f\u0647 \u0647\u0627\u06cc \u062a\u0648\u0632\u06cc\u0639 \u0645\u0646\u0628\u0639 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0646\u0635\u0628 \u0631\u0627 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0646\u06cc\u062f.  
\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644 \u060c \u0634\u0645\u0627 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0646\u0635\u0628 \u0686\u0646\u062f\u06cc\u0646 \u0648\u0627\u0628\u0633\u062a\u06af\u06cc \u0648 \u0647\u062f\u0631\u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 \u062a\u0648\u0633\u0639\u0647 \u062f\u0627\u0631\u06cc\u062f.<\/p>\n<p>\u067e\u0633 \u0627\u0632 \u0646\u0635\u0628 <a href=\"https:\/\/docs.suricata.io\/en\/latest\/install.html#dependencies\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-wpel-link=\"external\">\u0648\u0627\u0628\u0633\u062a\u06af\u06cc \u0647\u0627\u06cc \u0633\u0648\u0631\u06cc\u06a9\u0627\u062a\u0627<\/a>\u060c \u0633\u067e\u0633 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0632\u06cc\u0631 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">tar xzvf suricata-6.0.0.tar.gz<\/pre>\n<pre class=\"wp-block-preformatted\">cd suricata-6.0.0<\/pre>\n<pre class=\"wp-block-preformatted\">.\/configure<\/pre>\n<pre class=\"wp-block-preformatted\">make<\/pre>\n<pre class=\"wp-block-preformatted\">make install<\/pre>\n<h3 class=\"wp-block-heading\" id=\"h-3-configure-suricata\"><span class=\"ez-toc-section\" id=\"3_suricata_%d8%b1%d8%a7_%d9%be%db%8c%da%a9%d8%b1%d8%a8%d9%86%d8%af%db%8c_%da%a9%d9%86%db%8c%d8%af\"><\/span><span class=\"ez-toc-section\" id=\"3_Configure_Suricata\"><\/span>3. Suricata \u0631\u0627 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0646\u06cc\u062f<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0628\u0633\u062a\u0647 Suricata \u0634\u0627\u0645\u0644 \u06cc\u06a9 <strong>YAML<\/strong> \u0641\u0627\u06cc\u0644 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0628\u0631\u0627\u06cc \u0628\u0647\u06cc\u0646\u0647 \u0633\u0627\u0632\u06cc \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0648 \u0631\u0641\u062a\u0627\u0631 \u0627\u0628\u0632\u0627\u0631.  
\u0634\u0645\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0622\u0646 \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u0648\u06cc\u0631\u0627\u06cc\u0634\u06af\u0631 \u0645\u062a\u0646 \u0645\u0627\u0646\u0646\u062f <strong>nano<\/strong> \u0648\u06cc\u0631\u0627\u06cc\u0634 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo nano \/etc\/suricata\/suricata.yaml<\/pre>\n<p>\u0641\u0627\u06cc\u0644 <strong>suricata.yaml<\/strong> \u062f\u0627\u0631\u0627\u06cc \u0686\u0646\u062f\u06cc\u0646 \u067e\u0627\u0631\u0627\u0645\u062a\u0631 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0622\u0646\u0647\u0627 \u0631\u0627 \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0646\u06cc\u062f.  \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u0631\u0627\u06cc\u062c \u062a\u0631\u06cc\u0646 \u0622\u0646\u0647\u0627 \u0647\u0633\u062a\u0646\u062f:<\/p>\n<ul>\n<li><strong>\u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627\u0628\u0637<\/strong>.  \u0631\u0648\u0634 \u0648 \u0631\u0627\u0628\u0637 \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u06af\u0631\u0641\u062a\u0646 \u0628\u0633\u062a\u0647 \u0631\u0627 \u062a\u0639\u06cc\u06cc\u0646 \u0645\u06cc \u06a9\u0646\u062f.  \u0628\u0631\u062e\u06cc \u0627\u0632 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0647\u0633\u062a\u0646\u062f <strong>af-packet<\/strong>\u060c <strong>af-xdp<\/strong>\u060c \u0648 <strong>pcap<\/strong>.<\/li>\n<li><strong>\u062b\u0628\u062a \u0631\u0648\u06cc\u062f\u0627\u062f (Logging)<\/strong>.  \u062c\u0627\u06cc\u06cc \u06a9\u0647 Suricata \u062a\u0634\u062e\u06cc\u0635 \u0634\u0628\u06a9\u0647\u060c \u0642\u0627\u0644\u0628 \u0648 \u0633\u0637\u062d \u0647\u0634\u062f\u0627\u0631 \u0631\u0627 \u062b\u0628\u062a \u0645\u06cc \u06a9\u0646\u062f\u060c \u062a\u063a\u06cc\u06cc\u0631 \u0645\u06cc \u062f\u0647\u062f.  
\u0634\u0645\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0627\u0631\u0627\u0645\u062a\u0631 <strong>outputs<\/strong> \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f.<\/li>\n<li><strong>\u0641\u0627\u06cc\u0644 PID<\/strong>.  \u0631\u0627 \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u062f process \u0641\u0627\u06cc\u0644 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc (PID) \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc Suricata \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u062f\u06cc\u0645\u0648\u0646 \u06cc\u0627 \u0633\u0631\u0648\u06cc\u0633.  \u0646\u0627\u0645 \u0648 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc \u0622\u0646 \u0631\u0627 \u062f\u0631 \u067e\u0627\u0631\u0627\u0645\u062a\u0631 <strong>pid-file<\/strong> \u0645\u0634\u062e\u0635 \u06a9\u0646\u06cc\u062f.<\/li>\n<li><strong>\u0642\u0648\u0627\u0646\u06cc\u0646 \u062a\u0634\u062e\u06cc\u0635<\/strong>.  \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u062d\u0627\u0648\u06cc \u0642\u0648\u0627\u0646\u06cc\u0646 \u0641\u06cc\u0644\u062a\u0631\u06cc\u0646\u06af \u0628\u0633\u062a\u0647 \u0648 \u0645\u06a9\u0627\u0646 \u0622\u0646\u0647\u0627 \u0631\u0627 \u062a\u0639\u0631\u06cc\u0641 \u0645\u06cc \u06a9\u0646\u062f.  \u067e\u0627\u0631\u0627\u0645\u062a\u0631\u0647\u0627 \u0647\u0633\u062a\u0646\u062f <strong>default-rule-path<\/strong> \u0648 <strong>rule-files<\/strong>\u060c \u0628\u0647 \u062a\u0631\u062a\u06cc\u0628.<\/li>\n<li><strong>\u0627\u0646\u062f\u0627\u0632\u0647 \u0647\u0627\u06cc \u0628\u0633\u062a\u0647<\/strong>.  
\u062d\u062f\u0627\u06a9\u062b\u0631 \u0627\u0646\u062f\u0627\u0632\u0647 \u0628\u0633\u062a\u0647 \u0631\u0627 \u06a9\u0647 \u0628\u0627\u06cc\u062f \u062a\u0648\u0633\u0637 Suricata \u067e\u0631\u062f\u0627\u0632\u0634 \u0648 \u062a\u0648\u0633\u0637 \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627 \u0627\u0631\u0633\u0627\u0644 \u0634\u0648\u062f\u060c \u062a\u063a\u06cc\u06cc\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f.  \u0631\u0627 \u0645\u0634\u062e\u0635 \u06a9\u0646\u06cc\u062f <strong>\u0628\u0627\u06cc\u062a <\/strong>\u0627\u0631\u0632\u0634 \u062f\u0631 <strong>max-pending-packets<\/strong> \u0648 <strong>default-packet-size<\/strong> \u0645\u0648\u0644\u0641\u0647 \u0647\u0627\u06cc.<\/li>\n<li><strong>\u0634\u0646\u0627\u0633\u0647 \u062c\u0631\u06cc\u0627\u0646 \u062c\u0627\u0645\u0639\u0647<\/strong>.  \u062c\u0631\u06cc\u0627\u0646 \u0634\u0628\u06a9\u0647 Suricata \u0631\u0627 \u0628\u0631\u0627\u06cc \u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 \u0627\u062f\u063a\u0627\u0645 \u0628\u0627 \u0627\u0628\u0632\u0627\u0631 \u062f\u06cc\u06af\u0631\u06cc \u0645\u0627\u0646\u0646\u062f <a href=\"https:\/\/zeek.org\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-wpel-link=\"external\"><strong>Zeek<\/strong><\/a>.  
\u067e\u0627\u0631\u0627\u0645\u062a\u0631 <strong>community-id<\/strong> \u0628\u0647 \u0635\u0648\u0631\u062a \u067e\u06cc\u0634 \u0641\u0631\u0636 \u0631\u0648\u06cc <strong>false<\/strong> \u062a\u0646\u0638\u06cc\u0645 \u0634\u062f\u0647 \u0627\u0633\u062a.<\/li>\n<\/ul>\n<p>\u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0631\u0627 \u0648\u06cc\u0631\u0627\u06cc\u0634 \u06a9\u0646\u06cc\u062f \u0648 \u0628\u0631\u0627\u06cc \u0630\u062e\u06cc\u0631\u0647 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a <strong>Ctrl + X<\/strong>\u060c <strong>Y<\/strong> \u0648 <strong>Enter<\/strong> \u0631\u0627 \u0641\u0634\u0627\u0631 \u062f\u0647\u06cc\u062f.  \u0628\u0631\u0627\u06cc \u062c\u0633\u062a\u062c\u0648\u06cc \u0633\u0631\u06cc\u0639 \u06cc\u06a9 \u067e\u0627\u0631\u0627\u0645\u062a\u0631 \u062e\u0627\u0635\u060c \u0627\u0632 \u0645\u06cc\u0627\u0646\u0628\u0631 <strong>Ctrl + W<\/strong> \u0628\u0631\u0627\u06cc \u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 \u0648\u06cc\u0698\u06af\u06cc \u062c\u0633\u062a\u062c\u0648 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.<\/p>\n<p>\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u062e\u0648\u0627\u0646\u062f\u0646 \u062f\u0633\u062a\u0648\u0631\u0627\u0644\u0639\u0645\u0644 \u0647\u0627\u06cc \u0627\u0631\u0627\u0626\u0647 \u0634\u062f\u0647\u060c \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f <a href=\"https:\/\/docs.suricata.io\/en\/latest\/configuration\/suricata-yaml.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-wpel-link=\"external\">\u0645\u0633\u062a\u0646\u062f\u0627\u062a \u0641\u0627\u06cc\u0644 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc Suricata<\/a> \u0628\u0631\u0627\u06cc \u06a9\u0633\u0628 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u0645\u0648\u0631\u062f \u062a\u0646\u0638\u06cc\u0645\u0627\u062a.  \u0628\u0631\u0627\u06cc \u067e\u0627\u0631\u0627\u0645\u062a\u0631\u0647\u0627\u06cc 
\u0646\u0638\u0631 \u062f\u0627\u062f\u0647 \u0634\u062f\u0647 \u0645\u0627\u0646\u0646\u062f <strong>\u0634\u0646\u0627\u0633\u0647 \u062c\u0627\u0645\u0639\u0647<\/strong>\u060c \u0646\u0645\u0627\u062f \u0647\u0634 \u0631\u0627 \u0628\u0631\u062f\u0627\u0631\u06cc\u062f (<strong>#<\/strong>) \u062f\u0631 \u0627\u0628\u062a\u062f\u0627 \u0622\u0646\u0647\u0627 \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f.<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-4-enable-network-interfaces\"><span class=\"ez-toc-section\" id=\"4_%d8%b1%d8%a7%d8%a8%d8%b7_%d9%87%d8%a7%db%8c_%d8%b4%d8%a8%da%a9%d9%87_%d8%b1%d8%a7_%d9%81%d8%b9%d8%a7%d9%84_%da%a9%d9%86%db%8c%d8%af\"><\/span><span class=\"ez-toc-section\" id=\"4_Enable_Network_Interfaces\"><\/span>4. \u0631\u0627\u0628\u0637 \u0647\u0627\u06cc \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0628\u0647 process \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u0648 \u0645\u0633\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u0631\u0633\u0627\u0646\u062f\u0646 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0634\u0645\u0627\u060c Suricata \u0628\u0627\u06cc\u062f \u06cc\u06a9 \u0631\u0627\u0628\u0637 \u0631\u0627 \u0646\u0638\u0627\u0631\u062a \u06a9\u0646\u062f.<\/p>\n<p>\u0628\u0647 \u0637\u0648\u0631 \u067e\u06cc\u0634 \u0641\u0631\u0636\u060c Suricata \u0647\u06cc\u0686 \u0627\u062a\u0635\u0627\u0644\u06cc \u0627\u0632 \u0648 \u0628\u0647 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u0631\u0627 \u0631\u062f\u06cc\u0627\u0628\u06cc \u0646\u0645\u06cc \u06a9\u0646\u062f.  
\u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627\u06cc\u062f \u0645\u0634\u062e\u0635 \u06a9\u0646\u0646\u062f \u06a9\u0647 \u06a9\u062f\u0627\u0645 \u0631\u0627\u0628\u0637 \u0634\u0628\u06a9\u0647 \u0646\u0638\u0627\u0631\u062a \u06a9\u0646\u0646\u062f \u0648 \u0631\u0648\u0634 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062a\u0639\u06cc\u06cc\u0646 \u06a9\u0646\u0646\u062f <strong>YAML<\/strong> \u0641\u0627\u06cc\u0644.<\/p>\n<p>\u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0645\u062b\u0627\u0644\u060c \u0645\u0627 \u0645\u06cc \u062e\u0648\u0627\u0647\u06cc\u0645 \u0627\u0632 \u0622\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u0645 <strong>af-packet<\/strong> \u0631\u0648\u0634 \u0636\u0628\u0637 \u0648 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 <strong>venet0<\/strong> \u0631\u0627\u0628\u0637 \u0634\u0628\u06a9\u0647.  \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0628\u0647 \u0646\u0638\u0631 \u0645\u06cc \u0631\u0633\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">af-packet:\n   - interface: venet0<\/pre>\n<p>\u0627\u06cc\u0646 \u062f\u0633\u062a\u0648\u0631 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0646\u0645\u0627\u06cc\u0634 \u0631\u0627\u0628\u0637 \u067e\u06cc\u0634 \u0641\u0631\u0636 \u0648 \u0633\u0627\u06cc\u0631 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0645\u0633\u06cc\u0631\u06cc\u0627\u0628\u06cc \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">ip -p -j route show<\/pre>\n<p>\u0631\u0648\u0634 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0631\u0627 \u0628\u0631 \u0627\u0633\u0627\u0633 \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0646\u06cc\u062f \u0631\u0648\u06cc \u0646\u06cc\u0627\u0632\u0647\u0627\u06cc \u0634\u0645\u0627.  
\u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0645\u062b\u0627\u0644 <strong>af-packet<\/strong> \u0645\u0646\u0627\u0633\u0628 \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u0634\u0628\u06a9\u0647 \u0632\u0646\u062f\u0647 \u0627\u0633\u062a\u060c \u062f\u0631 \u062d\u0627\u0644\u06cc \u06a9\u0647 <strong>pcap<\/strong> \u0628\u0631\u0627\u06cc \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0622\u0641\u0644\u0627\u06cc\u0646 \u0627\u06cc\u062f\u0647 \u0622\u0644 \u0627\u0633\u062a.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0631\u0627\u0628\u0637 \u0634\u0628\u06a9\u0647\u060c \u0627\u06cc\u0646 \u062e\u0637\u0648\u0637 \u062c\u062f\u06cc\u062f \u0631\u0627 \u062f\u0631 \u067e\u0627\u06cc\u06cc\u0646 \u0628\u062e\u0634 \u0631\u0648\u0634 \u0636\u0628\u0637 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f.  \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u06a9\u0646\u06cc\u062f <strong>Cluster-ID <\/strong>\u0645\u0646\u062d\u0635\u0631 \u0628\u0647 \u0641\u0631\u062f \u0627\u0633\u062a:<\/p>\n<pre class=\"wp-block-preformatted\">-\u00a0 interface: interface name\n   cluster-id: 29<\/pre>\n<h3 class=\"wp-block-heading\" id=\"h-5-start-suricata\"><span class=\"ez-toc-section\" id=\"5_suricata_%d8%b1%d8%a7_%d8%b4%d8%b1%d9%88%d8%b9_%da%a9%d9%86%db%8c%d8%af\"><\/span><span class=\"ez-toc-section\" id=\"5_Start_Suricata\"><\/span>5. 
Suricata \u0631\u0627 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0633\u0631\u0648\u06cc\u0633 Suricata \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 <strong>systemctl<\/strong> \u062f\u0633\u062a\u0648\u0631 \u0627\u062c\u0631\u0627\u06cc \u0622\u0646 \u062f\u0631 \u067e\u0633 \u0632\u0645\u06cc\u0646\u0647:<\/p>\n<pre class=\"wp-block-preformatted\">sudo systemctl start suricata<\/pre>\n<p>\u0628\u0631\u0627\u06cc \u0628\u0631\u0631\u0633\u06cc \u0627\u06cc\u0646\u06a9\u0647 \u0622\u06cc\u0627 \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0627\u062c\u0631\u0627 \u0645\u06cc \u0634\u0648\u062f\u060c \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo systemctl status suricata<\/pre>\n<p>\u0627\u06af\u0631 \u0633\u0631\u0648\u06cc\u0633 Suricata \u062f\u0631 \u062d\u0627\u0644 \u0627\u062c\u0631\u0627 \u0627\u0633\u062a\u060c \u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0628\u0627\u06cc\u062f \u0622\u0646 \u0631\u0627 \u0646\u0634\u0627\u0646 \u062f\u0647\u062f<strong> \u0644\u0648\u062f \u0634\u062f\u0647<\/strong> \u0648 <strong>\u0641\u0639\u0627\u0644<\/strong> \u0648\u0636\u0639\u06cc\u062a \u0647\u0627\u06cc\u06cc \u0645\u0627\u0646\u0646\u062f \u0632\u06cc\u0631<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" width=\"1024\" height=\"124\" src=\"data:image\/svg+xml,%3Csvg%20xmlns=\" alt=\"\u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0648\u0636\u0639\u06cc\u062a \u062e\u062f\u0645\u0627\u062a Suricata \u0631\u0627 \u0646\u0634\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f\" class=\"wp-image-101642\" 
data-lazy-srcset=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968241_862_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp 1024w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-shows-suricata-service-status-300x36.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-shows-suricata-service-status-150x18.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-shows-suricata-service-status-768x93.webp 768w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-shows-suricata-service-status.png 1368w\" data-lazy-sizes=\"(max-width: 1024px) 100vw, 1024px\" data-lazy-src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968241_862_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" http: title=\"\"><img decoding=\"async\" width=\"1024\" height=\"124\" src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968241_862_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" alt=\"\u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0648\u0636\u0639\u06cc\u062a \u062e\u062f\u0645\u0627\u062a Suricata \u0631\u0627 \u0646\u0634\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f\" class=\"wp-image-101642\" 
srcset=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968241_862_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp 1024w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-shows-suricata-service-status-300x36.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-shows-suricata-service-status-150x18.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-shows-suricata-service-status-768x93.webp 768w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-shows-suricata-service-status.png 1368w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" title=\"\"><\/figure>\n<\/div>\n<p>\u0628\u0647 \u06cc\u0627\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f\u060c \u0647\u0645\u06cc\u0634\u0647 \u067e\u0633 \u0627\u0632 \u0627\u0635\u0644\u0627\u062d \u0641\u0627\u06cc\u0644 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc\u060c \u0633\u0631\u0648\u06cc\u0633 Suricata \u0631\u0627 \u0645\u062c\u062f\u062f\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0645\u0637\u0645\u0626\u0646 \u0634\u0648\u06cc\u062f \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u062c\u062f\u06cc\u062f \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0627\u0639\u0645\u0627\u0644 \u0645\u06cc \u0634\u0648\u0646\u062f.  
\u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u062f\u0633\u062a\u0648\u0631 \u0627\u0633\u062a:<\/p>\n<pre class=\"wp-block-preformatted\">sudo systemctl restart suricata<\/pre>\n<p>\u0627\u0632 \u0637\u0631\u0641 \u062f\u06cc\u06af\u0631\u060c Suricata \u0631\u0627 \u0645\u062a\u0648\u0642\u0641 \u06a9\u0631\u062f\u0647 \u0648 \u0628\u0627 \u062f\u0633\u062a\u0648\u0631 <strong>systemctl start<\/strong> \u062f\u0648\u0628\u0627\u0631\u0647 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f.  \u0628\u0631\u0627\u06cc \u062e\u0627\u062a\u0645\u0647 \u062f\u0627\u062f\u0646 \u0628\u0647 \u062f\u06cc\u0645\u0648\u0646\u060c \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo systemctl stop suricata<\/pre>\n<h3 class=\"wp-block-heading\" id=\"h-6-automate-suricata-startup\"><span class=\"ez-toc-section\" id=\"6_%d8%b1%d8%a7%d9%87_%d8%a7%d9%86%d8%af%d8%a7%d8%b2%db%8c_suricata_%d8%b1%d8%a7_%d8%ae%d9%88%d8%af%da%a9%d8%a7%d8%b1_%da%a9%d9%86%db%8c%d8%af\"><\/span><span class=\"ez-toc-section\" id=\"6_Automate_Suricata_Startup\"><\/span>6. 
\u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc Suricata \u0631\u0627 \u062e\u0648\u062f\u06a9\u0627\u0631 \u06a9\u0646\u06cc\u062f<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u062e\u0648\u062f\u06a9\u0627\u0631 Suricata \u0628\u0647 \u062d\u0641\u0638 \u0627\u0645\u0646\u06cc\u062a \u0628\u0647\u06cc\u0646\u0647 VPS \u06a9\u0645\u06a9 \u0645\u06cc \u06a9\u0646\u062f \u0632\u06cc\u0631\u0627 \u067e\u0633 \u0627\u0632 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0645\u062c\u062f\u062f \u0633\u06cc\u0633\u062a\u0645 \u0646\u06cc\u0627\u0632\u06cc \u0628\u0647 \u0641\u0639\u0627\u0644 \u0633\u0627\u0632\u06cc \u0645\u062c\u062f\u062f \u062f\u0633\u062a\u06cc \u0622\u0646 \u0646\u062f\u0627\u0631\u06cc\u062f.  \u0627\u06cc\u0646 \u0628\u0647 \u0628\u0647\u0628\u0648\u062f \u06a9\u0627\u0631\u0627\u06cc\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0633\u0631\u0648\u0631 \u06a9\u0645\u06a9 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u0627\u06cc\u0646 \u06a9\u0627\u0631\u060c \u06cc\u06a9 \u062c\u062f\u06cc\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f <strong>\u0633\u06cc\u0633\u062a\u0645 \u0634\u062f\u0647<\/strong> \u0641\u0627\u06cc\u0644 \u0648\u0627\u062d\u062f \u0633\u0631\u0648\u06cc\u0633 \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u062e\u0648\u062f\u06a9\u0627\u0631 Suricata \u0647\u0646\u06af\u0627\u0645 \u0634\u0631\u0648\u0639 \u0633\u0631\u0648\u0631 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631:<\/p>\n<pre class=\"wp-block-preformatted\">sudo nano \/etc\/systemd\/system\/suricata.service<\/pre>\n<p>\u062f\u0631 \u0641\u0627\u06cc\u0644 \u0648\u0627\u062d\u062f \u062e\u062f\u0645\u0627\u062a\u060c \u062e\u0637\u0648\u0637 \u0632\u06cc\u0631 \u0631\u0627 
\u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\"># Define the Suricata systemd unit\n[Unit]\nDescription=Suricata IDS\/IPS\nAfter=network.target\n\n# Specify the Suricata binary path, the configuration files location, and the network interface\n[Service]\nExecStart=\/usr\/bin\/suricata -c \/etc\/suricata\/suricata.yaml -i venet0\n[Install]\n\nWantedBy=default.target<\/pre>\n<p>\u0628\u0631\u0627\u06cc \u0630\u062e\u06cc\u0631\u0647 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a\u060c <strong>Ctrl + X<\/strong>\u060c <strong>Y<\/strong> \u0648 <strong>Enter<\/strong> \u0631\u0627 \u0641\u0634\u0627\u0631 \u062f\u0647\u06cc\u062f.  \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u062a\u0627 Suricata \u0628\u0647 \u0637\u0648\u0631 \u062e\u0648\u062f\u06a9\u0627\u0631 \u062f\u0631 \u0647\u0646\u06af\u0627\u0645 \u0628\u0648\u062a \u0634\u062f\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u0634\u0648\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo systemctl enable suricata<\/pre>\n<p>\u0633\u067e\u0633\u060c \u062f\u0633\u062a\u0648\u0631 <strong>systemctl start<\/strong> \u0631\u0627 \u0628\u0631\u0627\u06cc \u0634\u0631\u0648\u0639 Suricata \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f.  
\u0648\u0636\u0639\u06cc\u062a \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0627\u0632 \u0627\u062c\u0631\u0627\u06cc \u0633\u0631\u0648\u06cc\u0633 \u0645\u0637\u0645\u0626\u0646 \u0634\u0648\u06cc\u062f.<\/p>\n<p>\u0627\u06af\u0631 \u062a\u0631\u0645\u06cc\u0646\u0627\u0644 &#8220;<strong>\u0647\u06cc\u0686 \u0641\u0627\u06cc\u0644 \u0642\u0627\u0646\u0648\u0646\u06cc \u0645\u0637\u0627\u0628\u0642\u062a \u0646\u062f\u0627\u0631\u062f<\/strong>\u062e\u0637\u0627\u060c Suricata \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0646\u062a\u0648\u0627\u0646\u062f \u0642\u0648\u0627\u0646\u06cc\u0646 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0628\u0627\u0631\u06af\u06cc\u0631\u06cc \u06a9\u0646\u062f.  \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0622\u0646\u060c \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f <strong>suricata-update <\/strong>\u0628\u0631\u0627\u06cc \u062a\u0627\u0632\u0647 \u06a9\u0631\u062f\u0646 \u0645\u0633\u06cc\u0631 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc<\/p>\n<p>\u0633\u067e\u0633\u060c \u0631\u0627 \u0628\u0627\u0632 \u06a9\u0646\u06cc\u062f <strong>suricata.yaml<\/strong> \u0642\u0648\u0627\u0646\u06cc\u0646 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627 \u0641\u0627\u06cc\u0644 \u0648 \u0627\u0635\u0644\u0627\u062d \u06a9\u0646\u06cc\u062f\u060c \u0645\u0627\u0646\u0646\u062f \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631:<\/p>\n<pre class=\"wp-block-preformatted\">default-rule-path: \/var\/lib\/suricata\/rules<\/pre>\n<pre class=\"wp-block-preformatted\">rule-files:\n   - suricata.rules<\/pre>\n<p>\u0641\u0627\u06cc\u0644 \u0631\u0627 \u0630\u062e\u06cc\u0631\u0647 \u06a9\u0631\u062f\u0647 \u0648 \u0633\u0631\u0648\u06cc\u0633 \u0631\u0627 \u0645\u062c\u062f\u062f\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f \u062a\u0627 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a 
\u0627\u0639\u0645\u0627\u0644 \u0634\u0648\u062f.<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-7-test-suricata-functionality\"><span class=\"ez-toc-section\" id=\"7_%d8%aa%d8%b3%d8%aa_%d8%b9%d9%85%d9%84%da%a9%d8%b1%d8%af_suricata\"><\/span><span class=\"ez-toc-section\" id=\"7_Test_Suricata_Functionality\"><\/span>7. \u062a\u0633\u062a \u0639\u0645\u0644\u06a9\u0631\u062f Suricata<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u067e\u0633 \u0627\u0632 \u0634\u0631\u0648\u0639 Suricata\u060c \u0641\u0627\u06cc\u0644 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0622\u0646 \u0631\u0627 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0645\u0637\u0645\u0626\u0646 \u0634\u0648\u06cc\u062f \u06a9\u0647 \u0627\u0628\u0632\u0627\u0631 \u06a9\u0627\u0631 \u0645\u06cc \u06a9\u0646\u062f.  \u0633\u0627\u062f\u0647 \u062a\u0631\u06cc\u0646 \u0631\u0627\u0647 \u0628\u0631\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0633\u062a\u0648\u0631 \u062a\u0633\u062a \u062f\u0627\u062e\u0644\u06cc \u0627\u0633\u062a:<\/p>\n<pre class=\"wp-block-preformatted\">sudo suricata -T -c \/etc\/suricata\/suricata.yaml -v<\/pre>\n<p>\u06af\u0632\u06cc\u0646\u0647 <strong>-T<\/strong> \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u062d\u0627\u0644\u062a \u062a\u0633\u062a Suricata \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u0648 <strong>-c<\/strong> \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u0641\u0627\u06cc\u0644 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627 \u062f\u0631 \u0645\u0633\u06cc\u0631 \u0645\u0634\u062e\u0635 \u0634\u062f\u0647 \u067e\u06cc\u062f\u0627 \u06a9\u0646\u06cc\u062f.  
\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c<strong> -v<\/strong> \u06af\u0632\u06cc\u0646\u0647 \u062d\u0627\u0644\u062a \u067e\u0631\u0645\u062e\u0627\u0637\u0628 \u0631\u0627 \u0641\u0639\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u062c\u0632\u0626\u06cc\u0627\u062a \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u0641\u0631\u0645\u0627\u0646 \u0627\u0632 \u062c\u0645\u0644\u0647 \u062e\u0637\u0627\u0647\u0627 \u0631\u0627 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f.<\/p>\n<p>\u0627\u06af\u0631 \u0642\u0648\u0627\u0646\u06cc\u0646 \u0645\u062a\u0639\u062f\u062f \u0648 \u0631\u0634\u062a\u0647 \u0647\u0627\u06cc CPU \u0645\u062d\u062f\u0648\u062f \u062f\u0627\u0631\u06cc\u062f\u060c process \u0628\u06cc\u0634\u062a\u0631 \u0627\u062c\u0631\u0627 \u062e\u0648\u0627\u0647\u062f \u0634\u062f \u0627\u0645\u0627 \u0646\u0628\u0627\u06cc\u062f \u0627\u0632 \u0686\u0646\u062f \u062f\u0642\u06cc\u0642\u0647 \u062a\u062c\u0627\u0648\u0632 \u06a9\u0646\u062f.  
\u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0627\u0631\u0627\u062f\u0647 print \u0644\u0627\u06af \u062a\u0633\u062a \u0645\u0627\u0646\u0646\u062f \u0632\u06cc\u0631 \u0627\u0633\u062a.<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" width=\"1024\" height=\"161\" src=\"data:image\/svg+xml,%3Csvg%20xmlns=\" alt=\"\u06af\u0632\u0627\u0631\u0634 \u0631\u0648\u06cc\u062f\u0627\u062f\u0647\u0627\u06cc \u062a\u0633\u062a Suricata\" class=\"wp-image-101643\" data-lazy-srcset=\"https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs-1536x242.webp 1024w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs-300x47.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs-150x24.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs-768x121.webp 768w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs.webp 1825w\" data-lazy-sizes=\"(max-width: 1024px) 100vw, 1024px\" data-lazy-src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_663_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" http: title=\"\"><img decoding=\"async\" width=\"1024\" height=\"161\" src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_663_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" alt=\"\u06af\u0632\u0627\u0631\u0634 \u0631\u0648\u06cc\u062f\u0627\u062f\u0647\u0627\u06cc 
\u062a\u0633\u062a Suricata\" class=\"wp-image-101643\" srcset=\"https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs-1536x242.webp 1024w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs-300x47.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs-150x24.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs-768x121.webp 768w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/suricata-test-event-logs.webp 1825w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" title=\"\"><\/figure>\n<\/div>\n<p>\u062f\u0631 \u0637\u0648\u0644 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647\u060c \u0628\u0647 \u062f\u0646\u0628\u0627\u0644 \u067e\u06cc\u0627\u0645 \u0647\u0634\u062f\u0627\u0631\u06cc \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0646\u0634\u0627\u0646 \u062f\u0647\u0646\u062f\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0646\u0627\u062f\u0631\u0633\u062a \u062f\u0631 \u062e\u0648\u062f \u0627\u0633\u062a <strong>YAML<\/strong> \u0641\u0627\u06cc\u0644.  
\u0628\u0631\u0627\u06cc \u0633\u0627\u062f\u0647\u200c\u0633\u0627\u0632\u06cc \u0639\u06cc\u0628\u200c\u06cc\u0627\u0628\u06cc\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u06cc\u0645 \u0627\u0632 \u0645\u0627 \u0628\u067e\u0631\u0633\u06cc\u062f <strong>\u062f\u0633\u062a\u06cc\u0627\u0631 VPS AI<\/strong><strong> <\/strong>\u0628\u0631\u0627\u06cc \u0631\u0627\u0647 \u062d\u0644 \u0647\u0627<\/p>\n<p>\u0633\u067e\u0633\u060c \u0642\u0648\u0627\u0646\u06cc\u0646 Suricata \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0645\u0637\u0645\u0626\u0646 \u0634\u0648\u06cc\u062f \u06a9\u0647 \u0622\u0646\u0647\u0627 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0645\u062e\u0631\u0628 \u0631\u0627 \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0645\u06cc \u06a9\u0646\u0646\u062f.  <a href=\"https:\/\/docs.suricata.io\/en\/latest\/quickstart.html#alerting\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-wpel-link=\"external\">\u0631\u0627\u0647\u0646\u0645\u0627\u06cc \u0634\u0631\u0648\u0639 \u0633\u0631\u06cc\u0639 Suricata<\/a> \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0642\u0627\u0646\u0648\u0646 ET Open \u0634\u0645\u0627\u0631\u0647 <strong>2100498<\/strong> \u0648 \u0627\u062a\u0635\u0627\u0644 \u0628\u0647 URL \u0622\u0632\u0645\u0627\u06cc\u0634\u06cc \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0633\u062a\u0648\u0631 <strong>curl<\/strong> \u0631\u0627 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">curl http:\/\/testmynids.org\/uid\/index.html<\/pre>\n<p>\u0627\u06cc\u0646 \u0641\u0631\u0645\u0627\u0646 \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a HTTP \u0628\u0631\u0627\u06cc \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0642\u0627\u0646\u0648\u0646 \u0647\u0634\u062f\u0627\u0631
\u0627\u0631\u0633\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f.  \u0633\u067e\u0633\u060c Suricata \u0631\u0648\u06cc\u062f\u0627\u062f\u0647\u0627\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0631\u0627 \u062f\u0631 \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc <strong>eve.json<\/strong> \u0648 <strong>fast.log<\/strong> \u062b\u0628\u062a \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0622\u06cc\u0627 Suricata \u062f\u0631\u062e\u0648\u0627\u0633\u062a HTTP \u0631\u0627 \u062f\u0631 \u0641\u0627\u06cc\u0644 <strong>fast.log<\/strong> \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0628\u0627\u0644\u0642\u0648\u0647 \u0645\u062e\u0631\u0628 \u0628\u0631\u0686\u0633\u0628 \u06af\u0630\u0627\u0631\u06cc \u0645\u06cc \u06a9\u0646\u062f \u06cc\u0627 \u062e\u06cc\u0631.
\u0628\u0631\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u0627\u06cc\u0646 \u06a9\u0627\u0631\u060c \u0627\u0628\u0632\u0627\u0631 <strong>grep<\/strong> \u0631\u0627 \u0628\u0631\u0627\u06cc \u0641\u06cc\u0644\u062a\u0631 \u06a9\u0631\u062f\u0646 \u0634\u0645\u0627\u0631\u0647 \u0634\u0646\u0627\u0633\u0647 \u0642\u0627\u0646\u0648\u0646 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">grep 2100498 \/var\/log\/suricata\/fast.log<\/pre>\n<p>\u062e\u0631\u0648\u062c\u06cc \u0628\u0627\u06cc\u062f \u06af\u0632\u0627\u0631\u0634\u06cc \u0631\u0627 \u0646\u0634\u0627\u0646 \u062f\u0647\u062f \u06a9\u0647 \u0628\u0633\u062a\u0647 \u0631\u0627 \u0628\u0627 \u0639\u0646\u0648\u0627\u0646 &#8220;<strong>Potentially Bad Traffic<\/strong>&#8221; (\u062a\u0631\u0627\u0641\u06cc\u06a9 \u0628\u0627\u0644\u0642\u0648\u0647 \u0628\u062f) \u062f\u0633\u062a\u0647 \u0628\u0646\u062f\u06cc \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0627\u0632 \u0622\u0646\u062c\u0627 \u06a9\u0647 \u0644\u0627\u06af <strong>eve<\/strong> \u0648\u0631\u0648\u062f\u06cc \u0647\u0627\u06cc \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 \u0635\u0648\u0631\u062a <strong>JSON<\/strong> \u0641\u0631\u0645\u062a \u0645\u06cc \u06a9\u0646\u062f\u060c \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0622\u0646 \u0645\u0633\u062a\u0644\u0632\u0645 \u0627\u0628\u0632\u0627\u0631 <strong>jq<\/strong> \u0627\u0633\u062a.  \u0627\u06af\u0631 \u0628\u0631\u0646\u0627\u0645\u0647 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f \u0627\u0632 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u0631\u062f \u0634\u0648\u06cc\u062f.
\u062f\u0631 \u063a\u06cc\u0631 \u0627\u06cc\u0646 \u0635\u0648\u0631\u062a\u060c \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo apt install jq<\/pre>\n<p>\u0633\u067e\u0633 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0648\u0631\u0648\u062f\u06cc \u0647\u0627\u06cc \u0641\u0627\u06cc\u0644 \u0644\u0627\u06af \u0631\u0627 \u0628\u0631 \u0627\u0633\u0627\u0633 \u0641\u06cc\u0644\u062a\u0631 \u06a9\u0646\u06cc\u062f \u0631\u0648\u06cc \u0634\u0646\u0627\u0633\u0647 \u0627\u0645\u0636\u0627 \u0648 \u0646\u0648\u0639 \u0647\u0634\u062f\u0627\u0631:<\/p>\n<pre class=\"wp-block-preformatted\">jq 'select(.alert .signature_id==2100498)' \/var\/log\/suricata\/eve.json<\/pre>\n<p>\u0634\u0645\u0627 \u0628\u0627\u06cc\u062f \u0634\u0646\u0627\u0633\u0647 \u0642\u0627\u0646\u0648\u0646 \u0648 \u0647\u0645\u0627\u0646 \u0631\u0627 \u0628\u0628\u06cc\u0646\u06cc\u062f<strong>\u062a\u0631\u0627\u0641\u06cc\u06a9 \u0628\u0627\u0644\u0642\u0648\u0647 \u0628\u062f<\/strong>&#8221; \u062f\u0633\u062a\u0647 \u0628\u0646\u062f\u06cc.  \u0627\u06cc\u0646 \u0628\u062f\u0627\u0646 \u0645\u0639\u0646\u0627\u0633\u062a \u06a9\u0647 Suricata \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627 \u0631\u0627 \u0628\u0627 \u0642\u0627\u0646\u0648\u0646 \u062a\u0634\u062e\u06cc\u0635 \u0635\u062d\u06cc\u062d \u0645\u0637\u0627\u0628\u0642\u062a \u062f\u0627\u062f\u0647 \u0627\u0633\u062a.<\/p>\n<p>\u0627\u06cc\u0646 \u06af\u0632\u0627\u0631\u0634\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0647\u0634\u062f\u0627\u0631 \u0648 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0627\u0645\u0646\u06cc\u062a \u0634\u0628\u06a9\u0647 \u0645\u0641\u06cc\u062f \u0647\u0633\u062a\u0646\u062f.  
\u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0645\u062b\u0627\u0644\u060c \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0645\u0646\u0627\u0628\u0639 \u062a\u0631\u0627\u0641\u06cc\u06a9\u06cc \u0645\u0634\u06a9\u0648\u06a9 \u0631\u0627 \u062f\u0631 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u062f\u0648\u0646 \u0639\u0627\u0631\u0636\u0647 \u0627\u0648\u0628\u0648\u0646\u062a\u0648 (UFW) \u0645\u0633\u062f\u0648\u062f \u06a9\u0646\u06cc\u062f \u06cc\u0627 <strong>iptables<\/strong>.<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-8-update-suricata-rules\"><span class=\"ez-toc-section\" id=\"8_%d9%82%d9%88%d8%a7%d9%86%db%8c%d9%86_suricata_%d8%b1%d8%a7_%d8%a8%d9%87_%d8%b1%d9%88%d8%b2_%da%a9%d9%86%db%8c%d8%af\"><\/span><span class=\"ez-toc-section\" id=\"8_Update_Suricata_Rules\"><\/span>8. \u0642\u0648\u0627\u0646\u06cc\u0646 Suricata \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f<span class=\"ez-toc-section-end\"><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Suricata \u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0645\u0634\u06a9\u0648\u06a9 \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0645\u0636\u0627\u0647\u0627 \u06cc\u0627 \u0642\u0648\u0627\u0646\u06cc\u0646 \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u06a9\u0627\u0631\u0628\u0631 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0645\u06cc \u06a9\u0646\u062f.  
\u0628\u0647 \u0637\u0648\u0631 \u067e\u06cc\u0634\u200c\u0641\u0631\u0636 \u0634\u0627\u0645\u0644 \u062a\u0639\u062f\u0627\u062f\u06cc \u0627\u0633\u062a\u060c \u0627\u0645\u0627 \u0627\u06af\u0631 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0632\u06cc\u0627\u062f\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0646\u062f\u060c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0646\u0627\u06a9\u0627\u0641\u06cc \u0628\u0627\u0634\u0646\u062f.<\/p>\n<p>\u0628\u0631\u0627\u06cc \u0627\u0641\u0632\u0648\u062f\u0646 \u0642\u0648\u0627\u0646\u06cc\u0646 \u062c\u062f\u06cc\u062f\u060c \u0645\u062c\u0645\u0648\u0639\u0647 \u0642\u0648\u0627\u0646\u06cc\u0646 \u0627\u0636\u0627\u0641\u06cc \u0631\u0627 \u0627\u0632 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0634\u062e\u0635 \u062b\u0627\u0644\u062b \u0645\u062e\u062a\u0644\u0641 \u0648\u0627\u06a9\u0634\u06cc \u06a9\u0646\u06cc\u062f.  \u062f\u0631 \u062d\u0627\u0644\u06cc \u06a9\u0647 \u0628\u0631\u062e\u06cc \u0627\u0632 \u0622\u0646\u0647\u0627 \u0631\u0627\u06cc\u06af\u0627\u0646 \u0647\u0633\u062a\u0646\u062f\u060c \u0628\u0631\u062e\u06cc \u062f\u06cc\u06af\u0631 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0647\u0632\u06cc\u0646\u0647 \u0627\u0634\u062a\u0631\u0627\u06a9 \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0646\u0646\u062f.  
\u0628\u0631\u0627\u06cc \u0644\u06cc\u0633\u062a \u06a9\u0631\u062f\u0646 \u0622\u0646\u0647\u0627\u060c \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo suricata-update list-sources<\/pre>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"961\" height=\"417\" src=\"data:image\/svg+xml,%3Csvg%20xmlns=\" alt=\"\u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0645\u062c\u0645\u0648\u0639\u0647 \u0642\u0648\u0627\u0646\u06cc\u0646 \u062e\u0627\u0631\u062c\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc Suricata \u0686\u0627\u067e \u0645\u06cc \u06a9\u0646\u062f\" class=\"wp-image-101644\" data-lazy-srcset=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_64_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp 961w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-prints-external-ruleset-providers-for-suricata-300x130.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-prints-external-ruleset-providers-for-suricata-150x65.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-prints-external-ruleset-providers-for-suricata-768x333.webp 768w\" data-lazy-sizes=\"(max-width: 961px) 100vw, 961px\" data-lazy-src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_64_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" 
http: title=\"\"><img decoding=\"async\" width=\"961\" height=\"417\" src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_64_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" alt=\"\u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0645\u062c\u0645\u0648\u0639\u0647 \u0642\u0648\u0627\u0646\u06cc\u0646 \u062e\u0627\u0631\u062c\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc Suricata \u0686\u0627\u067e \u0645\u06cc \u06a9\u0646\u062f\" class=\"wp-image-101644\" srcset=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_64_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp 961w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-prints-external-ruleset-providers-for-suricata-300x130.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-prints-external-ruleset-providers-for-suricata-150x65.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-prints-external-ruleset-providers-for-suricata-768x333.webp 768w\" sizes=\"(max-width: 961px) 100vw, 961px\" title=\"\"><\/figure>\n<\/div>\n<p>\u0641\u0631\u0648\u0634\u0646\u062f\u06af\u0627\u0646 \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646\u060c \u062e\u0644\u0627\u0635\u0647 \u0647\u0627\u060c \u0645\u062c\u0648\u0632\u0647\u0627 \u0648 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0627\u0634\u062a\u0631\u0627\u06a9 \u0631\u0627 \u0645\u0634\u0627\u0647\u062f\u0647 \u062e\u0648\u0627\u0647\u06cc\u062f 
\u06a9\u0631\u062f.  \u0628\u0631\u0627\u06cc import \u06cc\u06a9 \u0645\u062c\u0645\u0648\u0639\u0647 \u0642\u0648\u0627\u0646\u06cc\u0646\u060c \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo suricata-update enable-source provider-name<\/pre>\n<p>\u0645\u06a9\u0627\u0646 \u0646\u06af\u0647\u062f\u0627\u0631 <strong>provider-name<\/strong> \u0631\u0627 \u0628\u0627 \u0645\u0646\u0628\u0639 \u0642\u0648\u0627\u0639\u062f \u0645\u0648\u0631\u062f \u0646\u0638\u0631 \u062e\u0648\u062f \u062c\u0627\u06cc\u06af\u0632\u06cc\u0646 \u06a9\u0646\u06cc\u062f.  \u0628\u0631\u0627\u06cc \u0645\u062b\u0627\u0644\u060c \u0628\u0631\u0627\u06cc \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc <strong>sslbl\/ja3-fingerprints<\/strong> \u0627\u06cc\u0646 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f:<\/p>\n<pre class=\"wp-block-preformatted\">sudo suricata-update enable-source sslbl\/ja3-fingerprints<\/pre>\n<p>\u0633\u067e\u0633\u060c \u062f\u0633\u062a\u0648\u0631<strong> suricata-update<\/strong> \u0631\u0627 \u062f\u0648\u0628\u0627\u0631\u0647 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u0642\u0627\u0646\u0648\u0646 \u062f\u0631 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc<strong> \/etc\/suricata\/rules<\/strong> \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0648 \u0627\u0639\u062a\u0628\u0627\u0631 \u0633\u0646\u062c\u06cc \u0634\u0648\u0646\u062f.
\u0627\u06af\u0631 \u0645\u0646\u0628\u0639 \u062e\u0627\u0631\u062c\u06cc \u0627\u0636\u0627\u0641\u0647 \u0646\u06a9\u0646\u06cc\u062f\u060c \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc Suricata \u0642\u0648\u0627\u0646\u06cc\u0646 \u067e\u06cc\u0634\u200c\u0641\u0631\u0636 \u0631\u0627 \u0627\u0632 \u0622\u0646 \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc \u0645\u06cc\u200c\u06a9\u0646\u062f <strong>ET OPEN<\/strong>.<\/p>\n<p>\u067e\u0633 \u0627\u0632 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0645\u0646\u0628\u0639 \u067e\u06cc\u0634 \u0641\u0631\u0636 ET OPEN\u060c \u062e\u0648\u0627\u0647\u06cc\u062f \u062f\u06cc\u062f \u06a9\u0647 Suricata \u0628\u0627\u0632\u0631\u0633\u06cc \u0631\u0627 \u067e\u0631\u062f\u0627\u0632\u0634 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a <strong>\u0627\u0645\u0636\u0627\u06cc \u0645\u062d\u0645\u0648\u0644\u0647 \u0628\u0633\u062a\u0647<\/strong> \u0648<strong> \u0642\u0648\u0627\u0646\u06cc\u0646 \u0641\u0642\u0637 ip<\/strong>.<\/p>\n<p>\u067e\u06cc\u0627\u0645 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0628\u0627\u06cc\u062f \u0628\u0627 \u067e\u0627\u06a9\u0633\u0627\u0632\u06cc \u0633\u0627\u062e\u062a\u0627\u0631 \u06af\u0631\u0648\u0647\u200c\u0628\u0646\u062f\u06cc \u0627\u0645\u0636\u0627 \u062a\u0648\u0633\u0637 \u0627\u0628\u0632\u0627\u0631 \u0628\u0647 \u067e\u0627\u06cc\u0627\u0646 \u0628\u0631\u0633\u062f.  
\u0627\u06af\u0631 \u0628\u0647 \u0631\u0648\u0632 \u0647\u0633\u062a\u06cc\u062f\u060c \u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062e\u0648\u0627\u0647\u062f \u062f\u0627\u062f print &#8220;<strong>\u0647\u06cc\u0686 \u062a\u063a\u06cc\u06cc\u0631\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0646\u0634\u062f\u060c \u062f\u0631 \u062d\u0627\u0644 \u062e\u0631\u0648\u062c<\/strong>&#8220;<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" width=\"1024\" height=\"43\" src=\"data:image\/svg+xml,%3Csvg%20xmlns=\" alt=\"\u067e\u0627\u06cc\u0627\u0646\u0647 \u0646\u0634\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u0645\u062c\u0645\u0648\u0639\u0647 \u0642\u0648\u0627\u0646\u06cc\u0646 Suricata \u0641\u0639\u0644\u06cc \u0628\u0647 \u0631\u0648\u0632 \u0627\u0633\u062a\" class=\"wp-image-101645\" data-lazy-srcset=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_894_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp 1024w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-indicates-the-current-suricata-ruleset-is-up-to-date-300x13.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-indicates-the-current-suricata-ruleset-is-up-to-date-150x6.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-indicates-the-current-suricata-ruleset-is-up-to-date-768x32.webp 768w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-indicates-the-current-suricata-ruleset-is-up-to-date.png 1098w\" data-lazy-sizes=\"(max-width: 1024px) 100vw, 1024px\" 
data-lazy-src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_894_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" http: title=\"\"><img decoding=\"async\" width=\"1024\" height=\"43\" src=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_894_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp\" alt=\"\u067e\u0627\u06cc\u0627\u0646\u0647 \u0646\u0634\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u0645\u062c\u0645\u0648\u0639\u0647 \u0642\u0648\u0627\u0646\u06cc\u0646 Suricata \u0641\u0639\u0644\u06cc \u0628\u0647 \u0631\u0648\u0632 \u0627\u0633\u062a\" class=\"wp-image-101645\" srcset=\"https:\/\/rasanegar.com\/blog\/wp-content\/uploads\/2024\/01\/1704968242_894_\u0646\u062d\u0648\u0647-\u0646\u0635\u0628-Suricata-on-\u0627\u0648\u0628\u0648\u0646\u062a\u0648-\u0628\u0631\u0627\u06cc-\u0627\u06cc\u0645\u0646-\u06a9\u0631\u062f\u0646-\u0634\u0628\u06a9\u0647-\u0634\u0645\u0627.webp.webp 1024w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-indicates-the-current-suricata-ruleset-is-up-to-date-300x13.webp 300w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-indicates-the-current-suricata-ruleset-is-up-to-date-150x6.webp 150w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-indicates-the-current-suricata-ruleset-is-up-to-date-768x32.webp 768w,https:\/\/www.hostinger.com\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/01\/terminal-indicates-the-current-suricata-ruleset-is-up-to-date.png 1098w\" sizes=\"(max-width: 1024px) 100vw, 
1024px\" title=\"\"><\/figure>\n<\/div>\n<p>\u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645 \u0627\u0628\u0632\u0627\u0631 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc Suricata \u0631\u0627 \u0628\u0647 \u0637\u0648\u0631 \u0645\u0646\u0638\u0645 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0645\u0637\u0645\u0626\u0646 \u0634\u0648\u06cc\u062f \u06a9\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0634\u0645\u0627 \u0622\u062e\u0631\u06cc\u0646 \u0642\u0627\u0646\u0648\u0646 \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u0645\u06cc \u06a9\u0646\u062f.  \u0627\u062c\u0631\u0627\u06cc \u062c\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0631\u0648\u0634 \u062a\u0634\u062e\u06cc\u0635 \u0628\u0647 \u062d\u0641\u0638 \u0627\u0645\u0646\u06cc\u062a \u0628\u0647\u06cc\u0646\u0647 \u0633\u0631\u0648\u0631 \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u06a9\u0645\u06a9 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n<p>\u0628\u0647 \u0635\u0648\u0631\u062a \u0627\u062e\u062a\u06cc\u0627\u0631\u06cc\u060c \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0642\u0648\u0627\u0646\u06cc\u0646 Suricata \u0645\u0627\u0646\u0646\u062f <a href=\"https:\/\/github.com\/shirkdog\/pulledpork\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-wpel-link=\"external\"><strong>PulledPork<\/strong><\/a><strong> <\/strong>\u0648 <a href=\"https:\/\/oinkmaster.sourceforge.net\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-wpel-link=\"external\"><strong>Oinkmaster<\/strong><\/a><strong> <\/strong>\u0628\u0631\u0627\u06cc \u062a\u0646\u0638\u06cc\u0645 \u062f\u0642\u06cc\u0642 \u0631\u0648\u0634 \u062a\u0634\u062e\u06cc\u0635 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.  \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f
<strong>nano<\/strong> \u0628\u0631\u0627\u06cc \u0627\u0635\u0644\u0627\u062d \u0641\u0627\u06cc\u0644:<\/p>\n<pre class=\"wp-block-preformatted\">sudo nano \/etc\/suricata\/rules\/rule_name.rules<\/pre>\n<p>\u0646\u062d\u0648 \u0642\u0627\u0639\u062f\u0647 Suricata \u0628\u0647 \u0634\u0631\u062d \u0632\u06cc\u0631 \u0627\u0633\u062a:<\/p>\n<pre class=\"wp-block-preformatted\">action protocol source-ip\/port -&gt; destination-ip\/port (options; options; ... )<\/pre>\n<p>\u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u0645\u0639\u0646\u06cc \u0647\u0631 \u067e\u0627\u0631\u0627\u0645\u062a\u0631 \u0648 \u0645\u0642\u0627\u062f\u06cc\u0631 \u067e\u0630\u06cc\u0631\u0641\u062a\u0647 \u0634\u062f\u0647 \u0622\u0646 \u0622\u0645\u062f\u0647 \u0627\u0633\u062a:<\/p>\n<ul>\n<li><strong>action<\/strong>.  \u0627\u0642\u062f\u0627\u0645\u06cc \u06a9\u0647 \u0628\u0627\u06cc\u062f \u062f\u0631 \u0635\u0648\u0631\u062a \u062a\u062d\u0642\u0642 \u0634\u0631\u0637 \u0642\u0627\u0639\u062f\u0647 \u0627\u0646\u062c\u0627\u0645 \u0634\u0648\u062f.  \u0645\u0642\u0627\u062f\u06cc\u0631 \u0645\u0645\u06a9\u0646 \u0634\u0627\u0645\u0644 <strong>drop<\/strong>\u060c <strong>alert<\/strong>\u060c \u0648 <strong>\u0648\u0631\u0648\u062f \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645<\/strong>.<\/li>\n<li><strong>protocol<\/strong>.  \u067e\u0631\u0648\u062a\u06a9\u0644 \u0634\u0628\u06a9\u0647 \u0646\u0638\u0627\u0631\u062a \u0634\u062f\u0647\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 <strong>TCP<\/strong>\u060c <strong>UDP<\/strong>\u060c <strong>ICMP<\/strong>\u060c \u06cc\u0627 <strong>IP<\/strong>.<\/li>\n<li><strong>source-ip\/port<\/strong>.
<strong>IP<\/strong> \u0648 <strong>\u067e\u0648\u0631\u062a<\/strong> \u06a9\u0647 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0627\u0632 \u0622\u0646 \u0633\u0631\u0686\u0634\u0645\u0647 \u0645\u06cc \u06af\u06cc\u0631\u062f.<\/li>\n<li><strong>destination-ip\/port<\/strong>.  <strong>IP<\/strong> \u0648 <strong>\u067e\u0648\u0631\u062a<\/strong> \u06a9\u0647 \u0627\u06cc\u0646 \u0642\u0627\u0646\u0648\u0646 \u0631\u0648\u06cc \u0622\u0646 \u0627\u0639\u0645\u0627\u0644 \u0645\u06cc \u0634\u0648\u062f.<\/li>\n<li><strong>(options; options; ... )<\/strong>.  \u06a9\u0644\u0645\u0627\u062a \u06a9\u0644\u06cc\u062f\u06cc \u062a\u0639\u06cc\u06cc\u0646 \u06a9\u0646\u0646\u062f\u0647 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u06cc\u0627 \u0634\u0631\u0627\u06cc\u0637 \u0627\u0636\u0627\u0641\u06cc.<\/li>\n<\/ul>\n<p>\u0628\u0631\u0627\u06cc \u06a9\u0633\u0628 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u0645\u0648\u0631\u062f \u0627\u06cc\u0646 \u067e\u0627\u0631\u0627\u0645\u062a\u0631\u0647\u0627 \u0648 \u06af\u0632\u06cc\u0646\u0647 \u0647\u0627\u06cc \u0627\u062d\u062a\u0645\u0627\u0644\u06cc\u060c \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f <a href=\"https:\/\/docs.suricata.io\/en\/latest\/rules\/intro.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\" data-wpel-link=\"external\">\u0645\u0633\u062a\u0646\u062f\u0627\u062a \u0642\u0648\u0627\u0646\u06cc\u0646 Suricata<\/a>.
<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-conclusion\"><span class=\"ez-toc-section\" id=\"%d9%86%d8%aa%db%8c%d8%ac%d9%87\"><\/span>\u0646\u062a\u06cc\u062c\u0647<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Suricata \u06cc\u06a9 \u0633\u06cc\u0633\u062a\u0645 IDS \u0648 IPS \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0645\u062e\u0631\u0628 \u0627\u0632 \u0646\u0641\u0648\u0630 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u0628\u0631\u0627\u06cc \u0628\u0647\u0628\u0648\u062f \u0627\u0645\u0646\u06cc\u062a \u0633\u06cc\u0633\u062a\u0645 \u06a9\u0645\u06a9 \u0645\u06cc \u06a9\u0646\u062f.  \u0628\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u062d\u0630\u0641 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0645\u0634\u06a9\u0648\u06a9 \u0628\u0631 \u0627\u0633\u0627\u0633 \u06a9\u0627\u0631 \u0645\u06cc \u06a9\u0646\u062f \u0631\u0648\u06cc \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646.<\/p>\n<p>\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0642\u0627\u0644\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc Suricata \u0631\u0627 \u062a\u0648\u0636\u06cc\u062d \u062f\u0627\u062f\u0647 \u0627\u06cc\u0645 \u0631\u0648\u06cc <strong>\u0627\u0648\u0628\u0648\u0646\u062a\u0648 22.04<\/strong> \u0648 \u06cc\u0627 \u0628\u0639\u062f.  \u067e\u0633 \u0627\u0632 \u0646\u0635\u0628 \u062a\u0648\u0632\u06cc\u0639 \u0648 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f\u0646 root \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0633\u0631\u0648\u0631 \u062e\u0648\u062f \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH\u060c \u0645\u0631\u0627\u062d\u0644 \u0632\u06cc\u0631 \u0631\u0627 \u062f\u0646\u0628\u0627\u0644 \u06a9\u0646\u06cc\u062f:<\/p>\n<ol>\n<li><strong>\u0628\u0633\u062a\u0647 \u0647\u0627\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f<\/strong>. 
 \u062f\u0633\u062a\u0648\u0631\u0647\u0627\u06cc <strong>apt update<\/strong> \u0648 <strong>apt upgrade<\/strong> \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0622\u062e\u0631\u06cc\u0646 \u0646\u0633\u062e\u0647 \u062a\u0645\u0627\u0645 \u0628\u0633\u062a\u0647 \u0647\u0627 \u0646\u0635\u0628 \u0634\u0648\u062f.<\/li>\n<li><strong>Suricata \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f<\/strong>.  \u0627\u06af\u0631 \u062c\u062f\u06cc\u062f\u062a\u0631\u06cc\u0646 \u0646\u0633\u062e\u0647 Suricata \u0631\u0627 \u0645\u06cc \u062e\u0648\u0627\u0647\u06cc\u062f\u060c \u0627\u0628\u0632\u0627\u0631 \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 APT \u06cc\u0627 \u0645\u062e\u0632\u0646 OISF \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.<\/li>\n<li><strong>Suricata \u0631\u0627 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0646\u06cc\u062f<\/strong>.  \u0627\u0632 \u0648\u06cc\u0631\u0627\u06cc\u0634\u06af\u0631 \u0645\u062a\u0646 <strong>nano<\/strong> \u0628\u0631\u0627\u06cc \u0648\u06cc\u0631\u0627\u06cc\u0634 \u0641\u0627\u06cc\u0644 <strong>suricata.yaml<\/strong> \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f \u0648 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u067e\u06cc\u0634 \u0641\u0631\u0636 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f.<\/li>\n<li><strong>\u0631\u0627\u0628\u0637 \u0647\u0627\u06cc \u0634\u0628\u06a9\u0647 \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f<\/strong>.
\u0631\u0648\u0634 \u0636\u0628\u0637 \u0628\u0633\u062a\u0647 \u0648 \u067e\u0627\u0631\u0627\u0645\u062a\u0631 \u0631\u0627\u0628\u0637 \u0634\u0628\u06a9\u0647 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f \u062a\u0627 Suricata \u0628\u062a\u0648\u0627\u0646\u062f \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u0631\u0627 \u0646\u0638\u0627\u0631\u062a \u06a9\u0646\u062f.<\/li>\n<li><strong>Suricata \u0631\u0627 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f<\/strong>.  \u062f\u0633\u062a\u0648\u0631 <strong>systemctl<\/strong> \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u062a\u0627 Suricata \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u062f\u06cc\u0645\u0648\u0646 \u0634\u0631\u0648\u0639 \u0634\u0648\u062f.<\/li>\n<li><strong>\u0627\u0633\u062a\u0627\u0631\u062a \u0622\u067e Suricata \u0631\u0627 \u062e\u0648\u062f\u06a9\u0627\u0631 \u06a9\u0646\u06cc\u062f<\/strong>.  \u06cc\u06a9 \u0641\u0627\u06cc\u0644 \u0648\u0627\u062d\u062f \u062e\u062f\u0645\u0627\u062a <strong>systemd<\/strong> \u0628\u0631\u0627\u06cc Suricata \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f \u0648 \u0627\u0632 <strong>systemctl<\/strong> \u0628\u0631\u0627\u06cc \u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 \u0627\u0628\u0632\u0627\u0631 \u062f\u0631 \u0647\u0646\u06af\u0627\u0645 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f.<\/li>\n<li><strong>\u0639\u0645\u0644\u06a9\u0631\u062f Suricata \u0631\u0627 \u062a\u0633\u062a \u06a9\u0646\u06cc\u062f<\/strong>.
\u0641\u0627\u06cc\u0644 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc Suricata \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0648\u06cc\u0698\u06af\u06cc \u062a\u0633\u062a \u062f\u0627\u062e\u0644\u06cc \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u06a9\u0646\u06cc\u062f \u0648 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a HTTP \u0646\u0645\u0648\u0646\u0647\u060c \u0642\u0648\u0627\u0646\u06cc\u0646 \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f.<\/li>\n<li><strong>\u0642\u0648\u0627\u0646\u06cc\u0646 Suricata \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f<\/strong>.  \u062f\u0633\u062a\u0648\u0631 <strong>suricata-update<\/strong> \u0631\u0627 \u0628\u0627 \u067e\u0631\u0686\u0645 <strong>enable-source<\/strong> \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u06cc\u06a9 \u0645\u062c\u0645\u0648\u0639\u0647 \u0642\u0648\u0627\u0646\u06cc\u0646 \u0627\u0632 \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u062e\u0627\u0631\u062c\u06cc \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc \u0634\u0648\u062f.  \u0628\u0631\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0648 \u062a\u0623\u06cc\u06cc\u062f \u0642\u0648\u0627\u0646\u06cc\u0646 \u062c\u062f\u06cc\u062f\u060c Suricata \u0631\u0627 \u0628\u0647 \u0631\u0648\u0632 \u06a9\u0646\u06cc\u062f.<\/li>\n<\/ol>\n<p>\u0627\u0645\u06cc\u062f\u0648\u0627\u0631\u06cc\u0645 \u0627\u06cc\u0646 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0634\u0645\u0627 \u06a9\u0645\u06a9 \u06a9\u0646\u062f \u0627\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631 \u0631\u0627 \u062f\u0631 VPS \u0627\u0648\u0628\u0648\u0646\u062a\u0648 \u062e\u0648\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.  
\u0627\u06af\u0631 \u0633\u0648\u0627\u0644\u06cc \u062f\u0627\u0634\u062a\u06cc\u062f \u06cc\u0627 \u062f\u0631 \u062d\u06cc\u0646 \u0641\u0631\u0622\u06cc\u0646\u062f \u0646\u0635\u0628 \u0628\u0627 \u0645\u0634\u06a9\u0644\u06cc \u0645\u0648\u0627\u062c\u0647 \u0634\u062f\u06cc\u062f\u060c \u062f\u0631 \u0632\u06cc\u0631 \u0628\u0631\u0627\u06cc \u0645\u0627 \u0646\u0638\u0631 \u0628\u06af\u0630\u0627\u0631\u06cc\u062f.<\/p>\n<\/p><\/div>\n\n<div>\u0628\u0631\u0627\u06cc \u0646\u06af\u0627\u0631\u0634 \u0628\u062e\u0634\u0647\u0627\u06cc\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0645\u062a\u0646 \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0627\u0632 \u062a\u0631\u062c\u0645\u0647 \u0645\u0627\u0634\u06cc\u0646\u06cc \u06cc\u0627 \u0647\u0648\u0634 \u0645\u0635\u0646\u0648\u0639\u06cc GPT \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u062f\u0647 \u0628\u0627\u0634\u062f <br \/>\n\u0644\u0637\u0641\u0627 \u062f\u0631 \u0635\u0648\u0631\u062a \u0648\u062c\u0648\u062f \u0645\u0634\u06a9\u0644 \u062f\u0631 \u0645\u062a\u0646 \u06cc\u0627 \u0645\u0641\u0647\u0648\u0645 \u0646\u0628\u0648\u062f\u0646 \u062a\u0648\u0636\u06cc\u062d\u0627\u062a\u060c \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u06a9\u0645\u0647 \u06af\u0632\u0627\u0631\u0634 \u0646\u0648\u0634\u062a\u0627\u0631 \u06cc\u0627 \u062f\u0631\u062c \u0646\u0638\u0631 \u0631\u0648\u06cc \u0627\u06cc\u0646 \u0645\u0637\u0644\u0628 \u0645\u0627 \u0631\u0627 \u0627\u0632 \u062c\u0632\u06cc\u06cc\u0627\u062a \u0645\u0634\u06a9\u0644 \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0645\u0637\u0644\u0639 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0647 \u0622\u0646 \u0631\u0633\u06cc\u062f\u06af\u06cc \u06a9\u0646\u06cc\u0645\n<\/div>\n<p>\u0632\u0645\u0627\u0646 \u0627\u0646\u062a\u0634\u0627\u0631: 1403-01-11 13:47:04<br \/>\n<br \/>\n <\/p>\n\n\n<div class=\"kk-star-ratings kksr-auto kksr-align-center kksr-valign-bottom\"\n    
><\/div>\n","protected":false},"excerpt":{"rendered":"<p><span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">\u0632\u0645\u0627\u0646 \u0644\u0627\u0632\u0645 \u0628\u0631\u0627\u06cc \u0645\u0637\u0627\u0644\u0639\u0647: <\/span> <span class=\"rt-time\"> 10<\/span> <span class=\"rt-label rt-postfix\">\u062f\u0642\u06cc\u0642\u0647<\/span><\/span>\u0633\u06cc\u0633\u062a\u0645 \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 (IDS) \u0648 \u0633\u06cc\u0633\u062a\u0645 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 
(IPS) \u0628\u0647 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 \u0645\u062c\u0631\u0645\u0627\u0646 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0628\u0647 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u06a9\u0645\u06a9 \u0645\u06cc \u06a9\u0646\u062f. \u0627\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0647\u200c\u0637\u0648\u0631 \u062e\u0648\u062f\u06a9\u0627\u0631 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0631\u0627 \u0641\u06cc\u0644\u062a\u0631 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u0648 \u0628\u0647 \u0645\u062d\u0636 \u06cc\u0627\u0641\u062a\u0646 \u06cc\u06a9 \u0641\u0639\u0627\u0644\u06cc\u062a \u0645\u062e\u0631\u0628\u060c \u0647\u0634\u062f\u0627\u0631\u0647\u0627 \u0631\u0627 \u0631\u0627\u0647\u200c\u0627\u0646\u062f\u0627\u0632\u06cc \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f. \u062f\u0631 \u06cc\u06a9 \u0633\u0631\u0648\u0631 \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0627\u0648\u0628\u0648\u0646\u062a\u0648 (VPS)\u060c Suricata \u06cc\u06a9 \u0631\u0627\u0647 \u062d\u0644 \u0645\u062d\u0628\u0648\u0628 
[&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":15375,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[606,643,2752,445],"tags":[33,1153,2751,2747],"class_list":["post-15374","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-howto","category-guides","category-vps","category-kb","tag-wordpress","tag--wordpress"],"acf":[],"_links":{"self":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts\/15374","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/comments?post=15374"}],"version-history":[{"count":0,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/posts\/15374\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/media\/15375"}],"wp:attachment":[{"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/media?parent=15374"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/categories?post=15374"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rasanegaar.com\/blog\/wp-json\/wp\/v2\/tags?post=15374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}