Section: Maintenance Commands (8)Updated: February 2010Local indexUp
suricata - Next Generation Intrusion Detection and Prevention Tool
is a network Intrusion Detection System (IDS). It is based on
rules (and is fully compatible with snort rules) to detect a variety of
attacks / probes by searching packet content.
This new Engine supports Multi-Threading, Automatic Protocol Detection
(IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB), Gzip Decompression, Fast
IP Matching and coming soon hardware acceleration on CUDA and OpenCL GPU
It supports acquiring packets through NFQUEUE, PCAP (live or offline) etc.
Use configuration file
Sniff packets on
Read the tcpdump-formatted file
This will cause Suricata to read and process the file fed to it. This is
useful for offline analysis.
Sniff packets sent by the kernel through NFQUEUE. This allows running
Suricata in inline mode (IPS) for packets captured by iptables using
the NFQUEUE target.