Release of the Suricata 6.0 intrusion detection system
After a year of development, the OISF (Open Information Security Foundation) has published the release of the network intrusion detection and prevention system Suricata 6.0, which provides tools for inspecting various types of traffic. Suricata configurations can use the signature databases developed by the Snort project, as well as the Emerging Threats and Emerging Threats Pro rule sets. The project's source code is distributed under the GPLv2 license.
Major changes:
Initial support for HTTP/2.
Support for the RFB and MQTT protocols, including the ability to identify the protocol and keep a log.
Logging capability for the DCERPC protocol.
Significant improvement in logging performance through the EVE subsystem, which provides event output in JSON format. The speedup was achieved by using a new JSON builder written in Rust.
The scalability of the EVE log system has been increased, and the ability to maintain a separate log file for each thread has been implemented.
Ability to define conditions for flushing information to the log.
Ability to reflect MAC addresses in the EVE log, and increased detail in the DNS log.
Improved performance of the flow engine.
The ability to write scripts in Lua to provide advanced analysis and implement additional capabilities needed to identify types of traffic for which standard rules are not sufficient.