2023

 SuricataSURICATA IDS/IPS is an open source IDS that monitors communications on the network and detects suspicious traffic.The basic mechanism is signature-based, so it can detect predefined unauthorized communications. Suricata is also characterized by its ability to provide protection as well as detection.1.advance preparation①Activate the EPEL RepositorySNORTSnort is an open source network intrusion detection system that can perform real-time traffic analysis and packet logging on IP networks.It can perform "protocol analysis," "content search," and "matching" and can be used to detect a variety of attacks such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, semantic URL attacks, and server message block probes. detection.

Tripwire1.Download and installation# cd /usr/local/src# wget https://rpmfind.net/linux/epel/9/Everything/x86_64/Packages/t/tripwire-2.4.3.7-13.el9.x86_64.rpm# rpm -Uvh tripwire-2.4.3.7-13.el9.x86_64.rpmChkrootkit①Download and install chkrootkit# cd /usr/local/src# wget https://launchpad.net/chkrootkit/main/0.55/+download/chkrootkit-0.55.tar.gz# tar xvf chkrootkit-0.55.tar.gzLogwatch①Install# dnf install logwatchIntroduce disk usage check script1. Script Creation# cd /var/www/system# vi disk_capacity_check.sh

1.Website data backup1-1.Backup under /var/www/html①Create backup script file2.MySQL database backup①Create backup script file# cd /var/www/system# vi db_my_backup.sh3.Restore backup files under html① Store HTML backup files in "/ (root)" directory# cd /var/www/backup/html_bak# cp html_back_20220610.tar.gz / ←Specify the backup file with the latest date4.Restore Mysql backup file①Save the database backup file to any directory and（In the example, the directory is "/var/www/backup/db_bak".）Extracting data# cd /var/www/backup/db_bak