SELKS 7 suricata rules not updating


Darryl Mackay

05:21:45, 1 Dec 2022
to SELKS
Hi all,

I have installed the SELKS 7 desktop and no-desktop iso images and I am unable to get the default source to update and populate through to the rest of Scirius.

Thank you.

Darryl

Peter Manev

07:13:32, 1 Dec 2022
to Darryl Mackay, SELKS
Hi Darryl

Thanks for trying SELKS out.
We also have live chat on Discord here, should you wish a faster answer
and to reach a bigger audience:
https://discord.com/channels/911231224448712714/911238451842666546

Did the first time setup finish ok?
https://github.com/StamusNetworks/SELKS/wiki/Docker-ISO-setup#interactive-with-latest-updated-containers-and-software
What is the type of error you get?

Thank you

> --
> Discord: Let's talk about SELKS on
> https://discord.com/channels/911231224448712714/911238451842666546
> Wiki: https://github.com/StamusNetworks/SELKS/wiki
> GitHub: https://github.com/StamusNetworks/SELKS
> Blog: https://www.stamus-networks.com/blog
> Twitter: @StamusN
> ---
> You received this message because you are subscribed to the Google Groups "SELKS" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to selks+un...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/selks/75adbb58-6ce9-4501-b4ef-97b013477ad7n%40googlegroups.com.



--
Regards,
Peter Manev

Darryl Mackay

01:58:14, 2 Dec 2022
to SELKS
Here is the error I get when I try to update the source.

(attachment: Source update error.png)

Peter Manev

04:12:22, 2 Dec 2022
to Darryl Mackay, SELKS
Hi Darryl,

Can you please answer the questions below? It would give me a better idea of what is going on:
1 - Did the first time setup finish ok and without errors, as per the message in my previous mail?
2 - Is this a fresh install?
3 - Does the SELKS install have an internet connection?
4 - What is the output of: docker logs scirius


Thank you



--
Regards,
Peter Manev

Darryl Mackay

23:35:02, 2 Dec 2022
to SELKS
Hi Peter,

I have managed to fix the problem regarding the updating. It turns out that the hardware I was trying to run SELKS 7 on was not up to the task of doing the job. Currently I have SELKS running on a Dell PE R200 with 8GB of RAM and a 500GB HDD. When I go into Portainer and check the containers, they are all reporting either healthy or running. I have the unit set up to monitor activity between a pfSense firewall and the managed network switch at home. I also had a battle with getting the bridge on the SELKS stack to work and succeeded with this. Given some time I may post some screenshots of the traffic for the sake of posterity.

Sorry for the run around.

Darryl

Peter Manev

02:39:23, 3 Dec 2022
to Darryl Mackay, SELKS
Hi Darryl,

Great to hear everything is good now!

How did you manage to get the bridge going?
I mean, what was the problem you had?

Thanks!

--
Regards,
Peter Manev

Darryl Mackay

05:38:21, 3 Dec 2022
to Peter Manev, SELKS
Hi Peter,


To get the bridge working entailed editing the /etc/network/interfaces file as follows:-

auto eth0
iface eth0 inet manual

auto eth1
iface eth1 inet manual

auto br0
iface br0 inet manual
  bridge_ports eth0 eth1
  bridge_stp off
  bridge_waitport 0
  bridge_fd 0

Replace eth0 and eth1 with the corresponding NICs which form the bridge. Next edit the /etc/sysctl.conf file and uncomment the following line:-

# net.ipv4.ip_forward=1

to:-

net.ipv4.ip_forward=1

Save the file and restart the SELKS device. The bridge should be up and running forwarding traffic between the 2 interfaces. The bridge can then be selected as the interface to be monitored. My glitch was trying to get the traffic to forward on the bridge.


My other glitch was dist-upgrading the SELKS device, which crashed Suricata completely. I will be reinstalling everything and reading how to update without breaking things. It will be about 2 hours before I can do anything, because of a glorious South African thing called loadshedding.


Darryl

P.S. Sorry for repeating the email. Just wanted to include it to display on the group.
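As an added illustration, not code from this thread or from the SELKS project: a small Python checker for an ifupdown bridge stanza of the kind posted above, useful before rebooting a sensor whose tap bridge refuses to pass traffic. The sample text is constructed to mirror the posted configuration; the checks (ports declared `inet manual`, bridge listed under `auto`, two ports, STP off) are this example's own assumptions about a sane passive tap, not SELKS requirements.

```python
# Constructed sample mirroring the /etc/network/interfaces stanzas posted above.
SAMPLE_INTERFACES = """\
auto eth0
iface eth0 inet manual
auto eth1
iface eth1 inet manual
auto br0
iface br0 inet manual
  bridge_ports eth0 eth1
  bridge_stp off
  bridge_waitport 0
  bridge_fd 0
"""

def parse_interfaces(text):
    # Returns ({iface: {option: value}}, {interfaces listed under 'auto'}).
    ifaces, auto, current = {}, set(), None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and surrounding whitespace
        if not line:
            continue
        words = line.split()
        if words[0] == "auto":
            auto.update(words[1:])
            current = None
        elif words[0] == "iface":  # iface <name> <family> <method>
            current = words[1]
            ifaces[current] = {"family": words[2], "method": words[3]}
        elif current is not None:  # indented option line of the open stanza
            ifaces[current][words[0]] = " ".join(words[1:])
    return ifaces, auto

def check_bridge(text, bridge="br0"):
    # Returns a list of problems; an empty list means the tap bridge looks sane.
    ifaces, auto = parse_interfaces(text)
    br = ifaces.get(bridge)
    if br is None:
        return [f"no iface stanza for {bridge}"]
    problems = [] if bridge in auto else [f"{bridge} is not under 'auto', so it stays down at boot"]
    ports = br.get("bridge_ports", "").split()
    if len(ports) < 2:
        problems.append(f"{bridge} needs two bridge_ports to pass traffic between the NICs")
    for p in ports:
        stanza = ifaces.get(p)
        if stanza is None:
            problems.append(f"bridge port {p} has no iface stanza")
        elif stanza["method"] != "manual":  # a tap port must not carry an IP address
            problems.append(f"bridge port {p} should be 'inet manual', not 'inet {stanza['method']}'")
    if br.get("bridge_stp", "off") != "off":  # STP would make the sensor talk on the monitored link
        problems.append(f"{bridge} should have bridge_stp off")
    return problems
```

Run it against the real file with `check_bridge(open("/etc/network/interfaces").read())`; an empty list means the stanza at least matches the shape that worked in this thread.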