ProHoster > Blog > internet nhau > Kuburitswa kweSELKS 7.0 kugovera, yakanangana nekugadzira intrusion yekuona masisitimu

Kuburitswa kweSELKS 7.0 kugovera, yakanangana nekugadzira intrusion yekuona masisitimu

Stamus Networks yakaburitsa kuburitswa kwehunyanzvi hwekugovera kit, SELKS 7.0, yakagadzirirwa kuendesa masisitimu ekuona nekudzivirira kupindirwa kwenetiweki, pamwe nekupindura kutyisidzira kwakaonekwa uye kutarisa kuchengetedzwa kwetiweki. Vashandisi vanopihwa yakazara network kuchengetedza manejimendi mhinduro inogona kushandiswa nekukurumidza mushure mekurodha. Iyo yekugovera inotsigira kushanda muLive mode uye inomhanya munzvimbo dze virtualization kana midziyo. Mafambiro echirongwa ichi akagoverwa pasi peGPLv3 rezinesi. Saizi yemufananidzo webhutsu i3 GB.

Sisitimu iyi yakavakirwa pahwaro hwepakeji Debian uye puratifomu yeIDS yakavhurika inonzi Suricata. Data rinogadziriswa uchishandisa Logstash uye rinochengetwa muElasticSearch storage. Pane web interface yakavakirwa pamusoro peKibana inopihwa yekutarisa mamiriro aripo uye zviitiko zvakaonekwa. Iyo Scirius CE web interface inoshandiswa pakutarisira mitemo uye kuona zviitiko zvine chekuita nayo. Sisitimu iyi inosanganisirawo Arkime packet capture system, EveBox evaluation interface, uye CyberChef data analyzer.

Pamusoro pekugadzirisa dhatabhesi yepakeji, iyo vhezheni itsva inoratidza zvinotevera kuvandudzwa:

  • Kugadzira pasuru yekuiswa mumidziyo yekuzviparadzanisa masisitimu inotsigira Docker.
  • Iyo yakazara otomatiki sisitimu yekudzokorodza chiitiko uchishandisa matanda akachengetwa muPCAP fomati, iyo inogona kushandiswa kuyedza mashandiro ematanho ekuchengetedza akaiswa, kuongororwa kwezviitiko, kana mukudzidzira.
  • Iyo seti yemafirita ekuziva kutyisidzira kwe cyber (kuvhima kutyisidzira) yakawedzerwa uye yakagadziridzwa, ichikubvumidza iwe kukurumidza kuona zvakashata zviitiko uye kutyorwa kwemitemo yekuwana nekutsvaga Suricata uye NSM (Network Security Monitor) matanda.
  • Iyo CyberChef package yakabatanidzwa, ichikubvumidza kuti unyore, decode uye kuongorora data rine chekuita nezviitiko, kushanda kweprotocol uye zvinyorwa zvakagadzirwa naSuricata.
  • Zvikamu zvitanhatu zvakawedzerwa kuKibana interface kuona uye kutarisa chiitiko chine chekuita neSNMP, RDP, SIP, HTTP6, RFB, GENEVE, MQTT uye DCERPC protocol.

Kuburitswa kweSELKS 7.0 kugovera, yakanangana nekugadzira intrusion yekuona masisitimu
Kuburitswa kweSELKS 7.0 kugovera, yakanangana nekugadzira intrusion yekuona masisitimu


Source: opennet.ru
Tenga inovimbika yekutambira kwemasaiti ane DDoS dziviriro, VPS VDS maseva 🔥 Tenga webhusaiti yakavimbika ine dziviriro yeDDoS, maseva eVPS VDS | ProHoster