Installing Slips on CentOS Stream 9 to inspect network traffic
1. Install Docker on CentOS Stream 9
1. Install Docker

```bash
dnf -y install dnf-plugins-core
dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
systemctl enable --now docker
```

2. Configure Docker

```bash
mkdir -p /etc/docker
# Write the daemon configuration: registry mirrors and DNS servers
tee /etc/docker/daemon.json >/dev/null <<'EOF'
{
  "registry-mirrors": [
    "https://docker.xuanyuan.me",
    "https://docker.m.daocloud.io",
    "https://docker.1ms.run",
    "https://docker.1panel.live"
  ],
  "dns": ["1.1.1.1", "8.8.8.8"]
}
EOF
systemctl restart docker
```

3. Start Slips in Docker and analyse a pcap offline

```bash
mkdir -p /opt/slips/{dataset,output}
chown -R "$USER:$USER" /opt/slips
cp *.pcap /opt/slips/dataset/
# :Z relabels the bind mounts so SELinux lets the container access them
docker run --rm -it --net=host \
  --name slips \
  -v /opt/slips/dataset:/StratosphereLinuxIPS/dataset:Z \
  -v /opt/slips/output:/StratosphereLinuxIPS/output:Z \
  stratosphereips/slips:latest \
  /StratosphereLinuxIPS/slips.py -f dataset/word_cve_2006_6561.pcap
```

4. View the results of the offline pcap analysis

```bash
# The parentheses make -type f apply to all three file names
find /opt/slips/output -maxdepth 2 -type f \( -name "alerts.log" -o -name "alerts.json" -o -name "errors.log" \)
```

5. Start Slips in Docker and monitor a network interface in real time

```bash
# Replace eno2 with the name of the interface to monitor
docker run --rm -it --name slips \
  --net=host --cap-add=NET_ADMIN \
  -v /opt/slips/output:/StratosphereLinuxIPS/output:Z \
  -v /opt/slips/dataset:/StratosphereLinuxIPS/dataset:Z \
  stratosphereips/slips:latest \
  /StratosphereLinuxIPS/slips.py -i eno2
```

6. View the real-time analysis results

```bash
# The directory prefix must match the interface passed to -i in step 5
tail -f /opt/slips/output/eno2*/alerts.log
```
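Once several pcaps and interfaces have been analysed, /opt/slips/output holds many run directories. The shell functions below are an added example, not part of the original post or of Slips: they summarise every run and pick the newest one to follow, assuming each run writes alerts.log and errors.log into its own sub-directory, as the find and tail commands above imply. The function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). Assumption: every Slips run
# creates one sub-directory under the output root holding alerts.log/errors.log.

# count_lines FILE -> number of non-empty lines, 0 if the file is missing
count_lines() {
    if [ -f "$1" ]; then
        grep -c . "$1" || true   # grep exits 1 on zero matches but still prints 0
    else
        echo 0
    fi
}

# summarize_runs ROOT -> one line per run: "<run> alerts=<n> errors=<n>"
summarize_runs() {
    local root=$1 d
    for d in "$root"/*/; do
        [ -d "$d" ] || continue  # unmatched glob: no runs yet
        printf '%s alerts=%s errors=%s\n' "$(basename "$d")" \
            "$(count_lines "$d/alerts.log")" "$(count_lines "$d/errors.log")"
    done
}

# latest_run ROOT -> most recently modified run directory (status 1 if none)
latest_run() {
    local root=$1 newest="" d
    for d in "$root"/*/; do
        [ -d "$d" ] || continue
        if [ -z "$newest" ] || [ "$d" -nt "$newest" ]; then
            newest=$d
        fi
    done
    [ -n "$newest" ] || return 1
    printf '%s\n' "${newest%/}"
}

# Usage: ./slips_summary.sh /opt/slips/output
if [ "$#" -gt 0 ]; then
    summarize_runs "$1"
    latest_run "$1" || echo "no runs found under $1" >&2
fi
```

A non-zero errors count means Slips logged errors for that run, so an alerts=0 result there should not be read as clean traffic. To follow only the newest run, use `tail -f "$(latest_run /opt/slips/output)/alerts.log"`.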
