John-Lin/docker-snort

Stars
106
Rank 325,871 (Top 7 %)
Language
Dockerfile
License
MIT License
Created over 9 years ago
Updated over 5 years ago

John-Lin/docker-snort

John-Lin

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Snort in Docker for Network Functions Virtualization (NFV)

docker-snort

Snort in Docker for Network Functions Virtualization (NFV)

The Snort Version 2.9.8.0 and DAQ Version 2.0.6

Docker Usage

You may need to run as sudo Attach the snort in container to have full access to the network

$ docker run -it --rm --net=host linton/docker-snort /bin/bash

Or you may need to add --cap-add=NET_ADMIN or --privileged (unsafe)

$ docker run -it --rm --net=host --cap-add=NET_ADMIN linton/docker-snort /bin/bash

Snort Usage

For testing it's work. Add this rule in the file at /etc/snort/rules/local.rules

alert icmp any any -> any any (msg:"Pinging...";sid:1000004;)

Running Snort and alerts output to the console (screen).

$ snort -i eth0 -c /etc/snort/etc/snort.conf -A console

Running Snort and alerts output to the UNIX socket

$ snort -i eth0 -A unsock -l /tmp -c /etc/snort/etc/snort.conf

Ping in the container then the alert message will show on the console

ping 8.8.8.8

linen-cni

A CNI plugin designed for overlay networks with Open vSwitch

tinynet

A lightweight instant virtual network for rapid prototyping SDN

malware

This is a malware analysis project which expecte to generate snort rule via malicious network traffic

awesomelists-index

Generate the awesome lists in JSON file.

ovs-cni

nat

An Ryu Application implemented NAT

snortunsock

A Python listener to capture Snort event via the UNIX Socket output.

electron-boilerplate

Boilerplate Electron Application with Handlebars.js/Material Design CSS

dotfiles

A dotfile same development environment

octocat-images

:octocat: Get octocat images name, number, url and even download images

netns-demo

pigrelay

Pigrelay: Open Unix Domain Socket for Snort(NIDS) and send to Network socket

dpdk-ovs

Open vSwitch with DPDK and Vhostuser CNI development sandbox

docker-ryu

SDN framework RYU in Docker

cafenomad-bot

A Cafe Nomad Line Bot for Seeking Coffee Shops Close to You

OVS-Cheat-Sheet

Open vSwitch Cheat Sheet

codeshipbar

A menubar app of codeship show the building status.

ovsdb

A libovsdb wrapper for operating Open vSwitch

pydcard

This is a Dcard API wrapper

sdn-testing-tool

pyscanlogger

Pyscanlogger - Python Port scan detector

etop

A CPU activity monitor likes top program but gorgeous.

ryuapp

SDN/OpenFlow Applications based on Ryu controller

snort-base

Snort base docker image

opencv-go.dockerfile

Computer-Network

go-linebot

A Currency Convert Line Bot Build in Golang

sdn-app-dev

SDN Applications Development

shipyard-api

A Shipyard 3.0 API wrapper for Node.js

SDN-hands-on

SDN Hands-on Training

gptelbot

fluent-plugin-csv-with-header

yet another fluent plugin to parser CSV with header for Fluent

archive-blog

Welcome to my Blog.

codeship-api

An better API wrapper for Codeship

crypt

A simple CLI tool for Encrypt/Decrypt files.

alpine-ssh-client

john-lin.github.io

kubepcap

Kubernetes cluster pod capture

ryuInstallHelper

This is a automatic installation script for install Ryu on Ubuntu 12.04+.

pyew

Automatically exported from code.google.com/p/pyew

shipyard.js

A Shipyard API wrapper for Node.js.

Moocs

This is an utility script for TAs using in computer networking course on NTHU MOOCs

fluent-plugin-redis-pub

yet another fluent plugin to publish messages into redis

awesome-nthu-thesis

A curated list of NTHU Latex template thesis lists

tsbetween

Convert start and end time from ISO 8601 to UNIX timestamps

express-file-upload

A simple file upload web server build with Express

sdn-snort-web

Portable Demo environment

pyexchange

Getting exchange rate by using Yahoo finance API

info

vcpe-api-server

A vCPE dashboard API Server [Work in progress].

py80211

Automatically exported from code.google.com/p/py80211