Logstash regular expression for extracting Suricata fast.log
09/20/2020-00:18:32.710309 [**] [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 213.212.243.106:49614 -> 1.1.1.1:1433
网事随记
1. yum install epel-release
2. sudo yum -y install gcc libpcap-devel pcre-devel libyaml-devel file-devel \
     zlib-devel jansson-devel nss-devel libcap-ng-devel libnet-devel tar make \
     libnetfilter_queue-devel lua-devel PyYAML libmaxminddb-devel rustc cargo \
     lz4-devel
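wget https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.6.tar.gz
# unpack the source tarball before entering the directory
tar -xzf ruby-2.6.6.tar.gz
cd ruby-2.6.6
./configure
make && make install
# already inside ruby-2.6.6, so the extension path is relative to it
cd ext/openssl
ruby extconf.rb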
wget https://www.openssl.org/source/openssl-1.1.1g.tar.gz
tar -xzf openssl-1.1.1g.tar.gz
cd openssl-1.1.1g
./config --prefix=/usr/local/openssl
./config -t
make install
cd /usr/local
ldd /usr/local/openssl/bin/openssl
1. On first use after installation, initialize with the **mysql_secure_installation** command
# mysql -uroot -p
2.1 Update the fields of the user table in the mysql database:
MariaDB [(none)]> use mysql;
MariaDB [mysql]> UPDATE user SET password=password('newpassword') WHERE user='root';
or
MariaDB [mysql]> ALTER USER 'root'@'localhost' IDENTIFIED BY 'newpassword';