Snorby

Automated filtering with Snorby and Suricata

Infrastructure, Monitoring, Security, Snorby, Suricata / paul

Since a long time I’m running Suricata on a few Internet facing boxes, just to see what’s attempted to access these boxes unauthorized. It brings a great deal of new information, however there are limits what people should be allowed to do. Politely asking them to stop does not work, nor emailing the abuse address […]

Automated filtering with Snorby and Suricata Read More »

Suricata, snorby and tarpit on Apache2

Boefjes, Infrastructure, Monitoring, Security, Snorby, Suricata / paul

Since a few months I realized I need more than just a secure connection. What are “they” attempting on the outside of my Internet connection and do I take sufficient measures to counteract? So instead of just checking the logfiles using elsa, I started suricata on the webserver. Suricata is similar to snort, but more

Suricata, snorby and tarpit on Apache2 Read More »