Fixed Suricata 7.x configure errors with pfring
This post discusses fixing Suricata 7.x configure errors with pfring, where an error persisted despite a correct library version.
This article describes how to capture mirrored network traffic in an ESXi environment using a virtual switch. It outlines the configuration steps, including setting the security policies to promiscuous mode and correctly configuring the VLAN ID.
This blog post provides a step-by-step guide on how to install the zkg package manager for Zeek, including resolving external module dependencies and common errors encountered during the installation process.
Hyperscan is an open-source, high-performance library for regular expression matching. The library is optimized for modern CPUs, using SIMD (Single Instruction, Multiple Data) parallelism and other hardware-specific features to accelerate pattern matching. This results in significantly faster performance compared to traditional regular expression engines when matching a large number of patterns. Its primary use cases include intrusion detection systems (IDS), intrusion prevention systems (IPS), and deep packet inspection (DPI). This blog post explains how to fix some errors encountered during the build and install process of Hyperscan.
PF_RING is intended for high-speed packet capture. This post notes how to install and run Suricata with PF_RING on Ubuntu 22.04.