Hello Linux Geeksters. As you may know, Suricata is an open source Network IDS, IPS and Network Security Monitoring engine, developed by the Open Information Security Foundation (OISF).
The latest version available is Suricata 2.0 RC1, which comes with the following changes (from the changelog):
- unified JSON output for almost all log types (eve-log)
- QinQ VLAN handling
- Alerting over PCIe bus (Tilera only)
- Add --set commandline option to override any YAML option
- Various scalability improvements, clean ups and fixes
- ICMPv6 handling improvements
- memcaps for DNS and HTTP handling were added
- Several fixes and improvements of AF_PACKET and PF_RING
- NSM runmode, where detection engine is disabled
In this article I will show you how to install Suricata 2.0 RC1 on Ubuntu 14.04 Trusty Tahr, Ubuntu 13.10 Saucy Salamander, Ubuntu 12.10 Quantal Quetzal, Ubuntu 12.04 Precise Pangolin, Linux Mint 16 Petra, Linux Mint 14 Nadia, Linux Mint 13 Maya and Elementary OS 0.2 Luna.
Because it is available via PPA, installing Suricata 2.0 RC1 on Ubuntu, Linux Mint and Elementary OS is easy. All you have to do is add the Suricata Beta PPA to your system, update the local repository index and install the suricata package. Like this:
$ sudo add-apt-repository ppa:oisf/suricata-beta
$ sudo apt-get update
$ sudo apt-get install suricata
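The eve-log entry in the changelog is the change you will meet first once the package is running: alerts and protocol records are written as one JSON object per line to eve.json. As an added example (not from this article or from the Suricata project), here is a small Python 3 script that summarises the alerts in such a file by signature; the sample records are constructed, and the default path /var/log/suricata/eve.json is an assumption about the Ubuntu package's log directory.

```python
import json
import sys

# Constructed sample eve.json lines (one JSON object per line), not real Suricata
# output: two alerts from one rule, an http record, and a truncated last line that
# shows a half-written record (normal when tailing a live file) being skipped.
SAMPLE_EVE = """\
{"timestamp": "2014-03-01T10:00:00.000001", "event_type": "alert", "src_ip": "10.0.0.5", "src_port": 44321, "dest_ip": "10.0.0.9", "dest_port": 80, "proto": "TCP", "alert": {"action": "allowed", "gid": 1, "signature_id": 1000001, "rev": 1, "signature": "LOCAL constructed test rule", "category": "Misc activity", "severity": 3}}
{"timestamp": "2014-03-01T10:00:01.000001", "event_type": "http", "src_ip": "10.0.0.5", "dest_ip": "10.0.0.9", "http": {"hostname": "example.test", "url": "/"}}
{"timestamp": "2014-03-01T10:00:02.000001", "event_type": "alert", "src_ip": "10.0.0.7", "src_port": 51000, "dest_ip": "10.0.0.9", "dest_port": 80, "proto": "TCP", "alert": {"action": "allowed", "gid": 1, "signature_id": 1000001, "rev": 1, "signature": "LOCAL constructed test rule", "category": "Misc activity", "severity": 3}}
{"timestamp": "2014-03-01T10:00:03.000001", "event_type": "alert", "src_ip": "10.0.0.8"
"""

def parse_eve(lines):
    """Yield one dict per valid eve-log line; skip blank or malformed lines."""
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except ValueError:
            continue
        if isinstance(rec, dict):
            yield rec

def summarize_alerts(lines, max_severity=3):
    """Count alert records per signature_id, ignoring other event types and
    alerts less urgent than max_severity (Suricata severity: 1 is highest)."""
    summary = {}
    for rec in parse_eve(lines):
        if rec.get("event_type") != "alert":
            continue
        alert = rec.get("alert", {})
        if alert.get("severity", 4) > max_severity:
            continue
        entry = summary.setdefault(alert.get("signature_id"), {
            "signature": alert.get("signature"), "count": 0, "src_ips": set()})
        entry["count"] += 1
        entry["src_ips"].add(rec.get("src_ip"))
    return summary

if __name__ == "__main__":
    # Default path assumes the Ubuntu package's log directory; pass another as argv[1].
    path = sys.argv[1] if len(sys.argv) > 1 else "/var/log/suricata/eve.json"
    with open(path) as fh:
        for sid, e in sorted(summarize_alerts(fh).items(), key=lambda kv: -kv[1]["count"]):
            print("%6d  sid:%s  %s  (%d source IP(s))" % (e["count"], sid, e["signature"], len(e["src_ips"])))
```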