{"id":12437,"date":"2017-08-21T23:49:52","date_gmt":"2017-08-21T20:49:52","guid":{"rendered":"https:\/\/linuxthebest.net\/?p=12437"},"modified":"2023-07-06T07:32:41","modified_gmt":"2023-07-06T04:32:41","slug":"ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu","status":"publish","type":"post","link":"https:\/\/linuxthebest.net\/uk\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/","title":{"rendered":"OSSIM: deploying a comprehensive open source security management system"},"content":{"rendered":"<p class=\"content html_format\"><img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/ddc\/648\/b54\/ddc648b54536462b8db7b3795d3f5bfc.gif?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nOSSIM (Open Source Security Information Management) is a system for managing, monitoring and ensuring information security. Out of the box, OSSIM includes the following
functionality:<\/p>\n<ul style=\"text-align: justify;\">\n<li>Event collection, analysis and correlation (SIEM)<\/li>\n<li>Host-based intrusion detection system (HIDS): <a href=\"http:\/\/ossec.net\">OSSEC<\/a><\/li>\n<li>Network intrusion detection system (NIDS): <a href=\"http:\/\/suricata-ids.org\/\">Suricata<\/a><\/li>\n<li>Wireless intrusion detection system (WIDS): <a href=\"https:\/\/www.kismetwireless.net\/\">Kismet<\/a><\/li>\n<li>Network node monitoring: <a href=\"http:\/\/www.nagios.org\/\">Nagios<\/a><\/li>\n<li>Network anomaly analysis: <a href=\"http:\/\/lcamtuf.coredump.cx\/p0f3\/\">P0f<\/a>, <a href=\"http:\/\/passive.sourceforge.net\/about.php\">PADS<\/a>, <a href=\"http:\/\/fprobe.sourceforge.net\/\">FProbe<\/a>, <a href=\"http:\/\/ee.lbl.gov\/\">Arpwatch<\/a> and others.<\/li>\n<li>Vulnerability scanner: <a href=\"http:\/\/www.openvas.org\/\">OpenVAS<\/a><\/li>\n<li>A very powerful system for exchanging threat information between OSSIM users: <a href=\"https:\/\/www.alienvault.com\/open-threat-exchange\">OTX<\/a><\/li>\n<li>More than 200 plugins for parsing and correlating logs from all kinds of external devices and services<\/li>\n<\/ul>\n<h4 style=\"text-align: justify;\">Preface<\/h4>\n<p class=\"content html_format\" style=\"text-align: justify;\">This article deals primarily with the installation, initial setup and configuration of OSSIM; all information about its capabilities and functionality can be found on
the <a href=\"https:\/\/www.alienvault.com\">official website<\/a>.<\/p>\n<p class=\"content html_format\" style=\"text-align: justify;\">It is worth noting that AlienVault has 2 products: the free OSSIM and a more advanced version, USM; the differences can be seen at <a href=\"https:\/\/www.alienvault.com\/products\/compare-ossim-to-alienvault-usm\">this link<\/a>.<br \/>\nAs a bonus, in the last chapter of the article I have included information on integrating OSSIM with the <a href=\"http:\/\/www8.hp.com\/ru\/ru\/software-solutions\/siem-security-information-event-management\/\">ArcSight<\/a> SIEM system.<\/p>\n<h4 style=\"text-align: justify;\">Contents<\/h4>\n<p class=\"content html_format\" style=\"text-align: justify;\"><a href=\"#1\">Installing OSSIM<\/a><\/p>\n<ul style=\"text-align: justify;\">\n<li><a href=\"#11\">Configuring ESXi<\/a><\/li>\n<li><a href=\"#12\">Installation<\/a><\/li>\n<\/ul>\n<p class=\"content html_format\" style=\"text-align: justify;\"><a href=\"#2\">Configuring OSSIM<\/a><\/p>\n<ul style=\"text-align: justify;\">\n<li><a href=\"#21\">Setup wizard<\/a><\/li>\n<li><a href=\"#22\">Configuring e-mail notifications<\/a><\/li>\n<li><a href=\"#23\">Configuring HIDS<\/a>\n<ul>\n<li><a href=\"#231\">Windows<\/a><\/li>\n<li><a href=\"#232\">Ubuntu<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#24\">Configuring WIDS<\/a>\n<ul>\n<li><a href=\"#241\">Configuring the virtual machine<\/a><\/li>\n<li><a href=\"#242\">Installing and configuring Debian<\/a><\/li>\n<li><a href=\"#243\">Configuring OpenVPN<\/a><\/li>\n<li><a href=\"#244\">Configuring Kismet<\/a><\/li>\n<li><a href=\"#245\">Configuring XML log import<\/a><\/li>\n<li><a href=\"#246\">Configuring the sensor<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#25\">Configuring system log collection<\/a>\n<ul>\n<li><a href=\"#251\">VMware<\/a><\/li>\n<li><a href=\"#252\">Windows Server<\/a><\/li>\n<li><a href=\"#253\">Ubuntu<\/a><\/li>\n<li><a href=\"#254\">Note<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#26\">Integration with ArcSight<\/a><\/li>\n<\/ul>\n<p class=\"content html_format\" style=\"text-align: justify;\"><a href=\"#3\">Sources used<\/a><\/p>\n<h4 style=\"text-align: justify;\">Installing OSSIM<\/h4>\n<p class=\"content html_format\" style=\"text-align: justify;\">The open source SIEM system is installed from a ready-made installation image that contains the Debian operating system and all the required preinstalled components and modules.<br \/>\nTo install OSSIM, <a href=\"http:\/\/downloads.alienvault.com\/c\/download?version=current_ossim_iso\">open the link<\/a>,
after which the download of the latest version of the OSSIM distribution starts immediately.<br \/>\nWe will perform the installation on <a href=\"http:\/\/www.vmware.com\/ru\/products\/vsphere\/features\/esxi-hypervisor\">VMware ESXi<\/a>.<\/p>\n<h5 style=\"text-align: justify;\">Configuring ESXi<\/h5>\n<p class=\"content html_format\">First, ESXi itself needs to be configured, namely an interface operating in <a href=\"https:\/\/ru.wikipedia.org\/wiki\/Promiscuous_mode\">promiscuous mode<\/a> must be set up. We need this mode to set up network monitoring. 
In OSSIM this role is performed by <a href=\"http:\/\/suricata-ids.org\/\">Suricata<\/a>.<br \/>\nTo do this, open the host settings and do everything as shown in the animation below:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/3b9\/91d\/e1b\/3b991de1b2bf4e36ab8f245aa7af343f.gif?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThis completes the configuration; now let's add a virtual machine. 
The screenshots below show only the settings that we change.<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/340\/295\/fbf\/340295fbff0a4c1ba63a5bbec6b65e63.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/552\/08e\/32a\/55208e32a02348d9b9de1d853dfc5ebb.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/46d\/655\/b42\/46d655b42216494eb772ce04c35980d3.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nMany services in OSSIM can run in multithreaded mode, so it is advisable to assign
several cores.<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/f23\/469\/1eb\/f234691ebc6a4a4c90de5734c75a0092.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nIt is advisable to allocate more RAM. The minimum size at which everything runs more or less stably and without slowdowns is 3 GB.<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/687\/349\/4bd\/6873494bdd1c402ba58d3c0ceeaf258e.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nOne interface for OSSIM management, one for the Suricata network IDS, and one for OpenVAS (optional).<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/14d\/cea\/370\/14dcea3703314a15894cbdeea93d1233.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThis completes the virtual machine configuration.<\/p>\n<h5 style=\"text-align: justify;\">Installation<\/h5>\n<p class=\"content html_format\">Power on the virtual machine and attach the OSSIM installation image that we downloaded earlier.<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/961\/d13\/804\/961d138040e444249de4d3810d74e223.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nNow let's install OSSIM. 
The installation is no different from installing Debian, except that there are far fewer steps.<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/236\/168\/2f9\/2361682f96374d61a386129fbe0f5e0f.gif?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThe setup is quite simple, so for brevity some screenshots are omitted from the animation.<br \/>\nAfter all the settings are entered, the installation begins.<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/c5e\/aa6\/45e\/c5eaa645e0ee450db469519819f69981.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nAt the
\u00ab\u0417\u0430\u043f\u0443\u0441\u043a cdsetup\u2026\u00bb (\"Running cdsetup\u2026\") stage the installation may hang for a while; this is expected.<br \/>\nWhen it finishes, the console appears:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/83f\/ea8\/2cc\/83fea82cc22542279029612509e9e965.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nOpen the link shown in the console and enter the credentials:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/4fb\/c9e\/559\/4fbc9e559b9b473cab949b2f4e191984.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThis completes the installation.<\/p>\n<h4 style=\"text-align: justify;\">Configuring OSSIM<\/h4>\n<p class=\"content html_format\" style=\"text-align: justify;\">To configure OSSIM, 3 operating systems were set up: Windows Server 2008 R2, Windows 7 SP1 and Ubuntu 14.04 LTS, which are the ones we will connect to monitoring. In addition, we will set up a wireless IDS based on <a href=\"https:\/\/www.kismetwireless.net\/\">Kismet<\/a>, using a host with Debian 6 preinstalled as the \"sensor\".<\/p>\n<h5 style=\"text-align: justify;\"><a name=\"21\"><\/a>Setup wizard<\/h5>\n<p class=\"content html_format\">Enter the credentials specified in the previous
setup step:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/db7\/2d8\/142\/db72d8142915463fb1e4fad8600842d3.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThe setup wizard window opens:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/968\/25f\/5da\/96825f5da85544fca2b85263538d3e7e.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nConfigure the interfaces:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/27f\/ec1\/71d\/27fec171dae5452c835df8574346e837.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nIn the next step OSSIM automatically scans the network and
offers to specify the type of the hosts found; in our case everything unrelated to the test bench has been removed:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/574\/cc3\/523\/574cc352334844019af1bccc57df6e6e.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nIn the next step the host-based intrusion detection system (OSSEC) can be installed automatically. Let's try installing it for Windows Server. 
\u0412\u0432\u043e\u0434\u0438\u043c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043d\u0430\u0436\u0438\u043c\u0430\u0435\u043c \u00abDEPLOY\u00bb:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/aea\/ab0\/a16\/aeaab0a16ee246d2b396155ca4f14498.gif?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u044c \u0442\u043e \u0436\u0435 \u0441\u0430\u043c\u043e\u0435 \u0434\u043b\u044f Linux \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e, \u0442.\u043a. \u0432 \u044d\u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 OSSEC \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0431\u0435\u0437 \u0430\u0433\u0435\u043d\u0442\u0430 (<a href=\"http:\/\/ossec-docs.readthedocs.org\/en\/latest\/manual\/agent\/agentless-monitoring.html\">Agentless<\/a>).<br \/>\n\u041d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u044d\u0442\u0430\u043f\u0435 \u043d\u0430\u043c \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e\u0442 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 \u043b\u043e\u0433\u043e\u0432, \u044d\u0442\u043e\u0442 \u043f\u0443\u043d\u043a\u0442 \u043c\u044b \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0438 \u0432\u0435\u0440\u043d\u0451\u043c\u0441\u044f \u043a \u043d\u0435\u043c\u0443 \u043f\u043e\u0437\u0436\u0435, \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0439 \u0433\u043b\u0430\u0432\u0435:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; 
margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/33b\/d7d\/376\/33bd7d376a8241d789a5c65908b136e0.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nAt the last step the wizard offers to join OTX; if you want to, register at\u00a0<a href=\"https:\/\/www.alienvault.com\/my-account\/customer\/signup\/\">www.alienvault.com\/my-account\/customer\/signup<\/a>\u00a0and enter the token:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/807\/0d8\/1d7\/8070d81d7f1b452682249e91ad0b434c.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/080\/398\/f6e\/080398f6e51b4bacb1902113f186c1ad.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nNext we see a pop-up window 
with the following content:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/417\/153\/6b6\/4171536b68894b3a855cee84e9341417.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nClick Explore Alienvault OSSIM, and that completes the setup wizard.<\/p>\n<h5 style=\"text-align: justify;\"><a name=\"22\"><\/a>Configuring e-mail notifications<\/h5>\n<p class=\"content html_format\" style=\"text-align: justify;\">OSSIM has an \"Alarm\" section that displays correlated security events, but it is not possible to receive notifications for such events. 
However, the system has a \"Tickets\" section where a task can be opened for each event or group of events.<br \/>\n\"Tickets\" can be created manually by an analyst or automatically when events from the \"Security Events (SIEM)\" logs reach \"Alarms\"; when a ticket is opened automatically, OSSIM can send notifications automatically, which is what we will configure now.<br \/>\nE-mail notifications are configured in 2 steps: 
first, postfix has to be configured; second, sending of notifications has to be enabled.<br \/>\nOpen SSH and connect to OSSIM:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/43c\/08d\/6a3\/43c08d6a312f448b9651af19eea8eb0d.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nSelect the Jailbreak System item to get to the console, then enter:<\/p>\n<pre><code class=\"\" data-line=\"\">sed -i -e &quot;s@mailserver_relay=no@mailserver_relay=my.corporate.mail.server@&quot; \/etc\/ossim\/ossim_setup.conf\necho relayhost = my.corporate.mail.server:25 &gt;&gt; \/etc\/postfix\/main.cf\nservice postfix restart\n<\/code><\/pre>\n<p class=\"content html_format\"><i>Note: replace my.corporate.mail.server with your own mail server; if you need to configure any 
other postfix parameters (authentication, secure connection, etc.), see the\u00a0<a href=\"http:\/\/www.postfix.org\/documentation.html\">postfix documentation<\/a>.<\/i><br \/>\nNow open the settings and, in the administration section, enable automatic sending of notifications:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/595\/07b\/ee2\/59507bee2560401db399bb5736438649.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nAfter this change, any correlated event will automatically create a 
ticket and notify the administrator.<\/p>\n<h5 style=\"text-align: justify;\"><a name=\"23\"><\/a>Configuring HIDS<\/h5>\n<p class=\"content html_format\">The role of the host-based intrusion prevention system in OSSIM is played by the well-known\u00a0<a href=\"http:\/\/ossec.net\">OSSEC<\/a>, whose configuration we cover next.<br \/>\nTo configure HIDS, go to Environment -&gt; Detection -&gt; HIDS -&gt; Agents, where we see 2 hosts: the first is AlienVault itself, the second is the Windows Server that we set up at the \"Deploy HIDS\" step of the \"Setup wizard\" section. 
Open the HIDS agents menu:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/a4d\/737\/8e1\/a4d7378e183c461b977a65bbee685ee4.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nAdd Windows 7 and Ubuntu:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/1cd\/f04\/274\/1cdf042741124e038d1c0cc65f390151.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><\/p>\n<h6 style=\"text-align: justify;\"><a name=\"231\"><\/a>Windows<\/h6>\n<p class=\"content html_format\" style=\"text-align: center;\">To install HIDS you can use the automatic installation mode\u00a0<img data-recalc-dims=\"1\" decoding=\"async\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/4f3\/871\/4d6\/4f38714d6c0b44acad58b3aa5fbdd78d.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/>\u00a0or download a ready-made exe file\u00a0<img data-recalc-dims=\"1\" 
decoding=\"async\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/a06\/105\/951\/a061059515d3405e9b42a72e186121c7.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/>.<br \/>\nInstallation in automatic mode is no different from what we have already done:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/2f9\/89d\/45a\/2f989d45abc84acc838b77875341e665.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nWhen installing manually from the exe file, the OSSEC agent installs in \"1 click\", without entering any additional parameters:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/979\/0bf\/c9d\/9790bfc9d2de40618a83fd1f08e0b4a1.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" 
class=\"lazyload\" \/><br \/>\nIf it succeeds, we will see:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/3a0\/5bc\/817\/3a05bc8173294d9699ec6f969ebe5ea6.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/p>\n<h6 style=\"text-align: justify;\"><a name=\"232\"><\/a>Ubuntu<\/h6>\n<p class=\"content html_format\" style=\"text-align: justify;\">Now we set up Ubuntu: connect over SSH and install OSSEC:<\/p>\n<pre><code class=\"\" data-line=\"\">sudo -s\napt-get install curl\ncurl --header &#039;Host: www.ossec.net&#039; --header &#039;User-Agent: Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:31.0) Gecko\/20100101 Firefox\/31.0&#039; --header &#039;Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8&#039; --header &#039;Accept-Language: en-US,en;q=0.5&#039; --header &#039;DNT: 1&#039; --header &#039;Referer: http:\/\/www.ossec.net\/?page_id=19&#039; --header &#039;Connection: keep-alive&#039; &#039;http:\/\/www.ossec.net\/files\/ossec-hids-2.8.tar.gz&#039; -o &#039;ossec-hids-2.8.1.tar.gz&#039; -L<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\"><i>Note: downloading with wget does not work; the ossec.net server checks the 
User-Agent.<\/i><\/p>\n<pre><code class=\"\" data-line=\"\">tar xzf ossec-hids-2.8.1.tar.gz\ncd ossec-hids-2.8\/\n\/bin\/bash .\/install.sh<\/code><\/pre>\n<p class=\"content html_format\"><img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/14a\/cbf\/770\/14acbf77068146fbb3aee5e79dabbc9f.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/2b0\/495\/999\/2b04959994d14bcfa643b888f8b2b45a.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n<i>Note: enable item 3.4, active protection mode (IPS instead of IDS), with caution; here we use detection mode only, so we leave \"n\" instead of \"y\".\u00a0<\/i><br \/>\nNow we get the key: 
go back to the HIDS agents menu and click\u00a0<img data-recalc-dims=\"1\" decoding=\"async\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/4f9\/576\/744\/4f9576744e1442ed902a51c3e65bddd5.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/>:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/d6a\/0dd\/7be\/d6a0dd7bedb54ef8a799ff1904c58f49.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nRun the configuration with the \/var\/ossec\/bin\/manage_agents utility: press I, enter the key and quit (Q):<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/94d\/d5e\/d17\/94dd5ed17c1e4821a376934faab8fe2a.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nRestart OSSEC:<\/p>\n<pre><code class=\"\" data-line=\"\">service ossec restart\n<\/code><\/pre>\n<p class=\"content 
html_format\">If it succeeds, we will see \"Active\" next to the host:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/9e3\/cdb\/f80\/9e3cdbf8042746afb028468285e361d3.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nIf an agent does not show up as active in the list, you can restart OSSEC: connect to OSSIM over SSH and perform the following actions:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/3ef\/625\/5f2\/3ef6255f24834ea886ae8b6a7c0eb6f8.gif?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThis completes the HIDS installation; now, on the 
Environment -&gt; Detection tab you can see the OSSEC logs:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/6ab\/fb7\/bf7\/6abfb7bf71a2454f980f50dbd98fc1a0.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><\/p>\n<h5 style=\"text-align: justify;\"><a name=\"24\"><\/a>Configuring WIDS<\/h5>\n<p class=\"content html_format\" style=\"text-align: justify;\">We will install WIDS as follows:<\/p>\n<ol style=\"text-align: justify;\">\n<li>Create a host running Debian 6<\/li>\n<li>Attach a Wi-Fi card to it and configure it<\/li>\n<li>Install and configure kismet<\/li>\n<li>Set up an OpenVPN server on OSSIM<\/li>\n<li>Configure the link between OSSIM and Debian 6<\/li>\n<li>Configure sending and writing of 
logs in rsyslog<\/li>\n<li>Enable the kismet plugin<\/li>\n<li>Set up a cron import of the XML logs from kismet<\/li>\n<li>Add the new sensor to OSSIM<\/li>\n<li>Check that the solution works<\/li>\n<\/ol>\n<h6 style=\"text-align: justify;\"><a name=\"241\"><\/a>Setting up the virtual machine<\/h6>\n<p class=\"content html_format\">To install the wireless IDS we need a host with Debian 6 preinstalled.<br \/>\nCreate a new virtual machine on ESXi and add a USB controller and a USB Wi-Fi card to it:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" 
data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/0b6\/f39\/8bd\/0b6f398bd4b44a858c4e7c9bb78ea1c9.gif?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThis example uses a TOTOLink N500UD USB Wi-Fi card.<\/p>\n<h6 style=\"text-align: justify;\"><a name=\"242\"><\/a>Installing and configuring Debian<\/h6>\n<p class=\"content html_format\" style=\"text-align: justify;\">Install\u00a0<a href=\"http:\/\/www.debian.org\/releases\/squeeze\/debian-installer\/\">Debian 6<\/a>. All settings are at your discretion; the Debian installation is standard, so it is omitted from this manual.<br \/>\nAfter installing the OS, connect over SSH and install the drivers for the\u00a0<a href=\"http:\/\/totolink.ru\/items\/view\/20\">network card<\/a>:<\/p>\n<pre><code class=\"\" data-line=\"\">wget http:\/\/totolink.ru\/files\/soft\/N500UD_Linux_V2.6.1.3.zip\napt-get install unzip\nunzip N500UD_Linux_V2.6.1.3.zip\napt-get 
install build-essential \napt-get install linux-headers-$(uname -r)\nmake\nmake install\naptitude install wireless-tools\napt-get install ssh openvpn kismet ntp\nreboot\n<\/code><\/pre>\n<p class=\"content html_format\">After that, check that the new interface appears in iwconfig:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/107\/bff\/4ea\/107bff4eab4a48c79df8317049a9c0b8.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nConfigure sending logs from Debian to OSSIM:<\/p>\n<pre><code class=\"\" data-line=\"\">echo &quot;*.* @10.67.68.1&quot; &gt; \/etc\/rsyslog.d\/wids_alienvault.conf\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Do not change the IP address; it must be exactly this. 
This is the IP address of the OpenVPN server that will later be brought up on OSSIM.<br \/>\nNow create the script<b>\u00a0\/etc\/init.d\/wids_alienvault.sh<\/b>\u00a0with the following content:<\/p>\n<pre><code class=\"\" data-line=\"\">#!\/bin\/sh\n\/usr\/bin\/kismet_server -l xml -t kismet -f \/etc\/kismet\/kismet.conf 2&gt;&amp;1 | logger -t kismet -p local7.1\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Make it executable:<\/p>\n<pre><code class=\"\" data-line=\"\">chmod 755 \/etc\/init.d\/wids_alienvault.sh\n<\/code><\/pre>\n<p class=\"content html_format\">And add it to autostart in \/etc\/rc.local, before exit 0:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/22b\/30c\/83f\/22b30c83fb4e4391a5b0884d8bc6298f.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nNow configure kismet.<br \/>\nIn the file<b>\u00a0\/etc\/kismet\/kismet.conf<\/b><br \/>\nFirst configure the 
adapter:<\/p>\n<pre><code class=\"\" data-line=\"\">source=rt2500,ra0,ra0-wids\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">The chipset name can be found with the command:<\/p>\n<pre><code class=\"\" data-line=\"\">lsmod | grep ^usbcore\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Set the XML report creation time:<\/p>\n<pre><code class=\"\" data-line=\"\">logexpiry=3600\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Set the name of the generated logs so that OSSIM correctly determines which files to import and clean up:<\/p>\n<pre><code class=\"\" data-line=\"\">logdefault=10.67.68.10\nlogtemplate=\/var\/log\/kismet\/%n_%D-%i.%l\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Then reboot:<\/p>\n<pre><code class=\"\" data-line=\"\">reboot\n<\/code><\/pre>\n<h6 style=\"text-align: justify;\"><a name=\"243\"><\/a>Configuring OpenVPN<\/h6>\n<p class=\"content 
html_format\" style=\"text-align: justify;\">Connect to OSSIM over SSH, select the \"Jailbreak system\" item and enter the command:<\/p>\n<pre><code class=\"\" data-line=\"\">alienvault-reconfig --add_vpnnode=WIDS-Sensor\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Go back to Debian and copy the generated OpenVPN archive with the settings:<\/p>\n<pre><code class=\"\" data-line=\"\">scp root@10.1.193.123:\/etc\/openvpn\/nodes\/WIDS-Sensor.tar.gz ~\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Apply the config:<\/p>\n<pre><code class=\"\" data-line=\"\">tar xzf WIDS-Sensor.tar.gz\nrm -f WIDS-Sensor.tar.gz\nmv * \/etc\/openvpn\/\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Check OpenVPN:<\/p>\n<pre><code class=\"\" data-line=\"\">\/etc\/init.d\/openvpn restart\nifconfig tun0\n<\/code><\/pre>\n<p class=\"content html_format\"><img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/190\/33b\/3b9\/19033b3b903d43d499a0b74935537c0c.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/p>\n<h6 style=\"text-align: justify;\"><a 
name=\"244\"><\/a>Configuring Kismet<\/h6>\n<p class=\"content html_format\" style=\"text-align: justify;\">Switch back to OSSIM.<br \/>\nConfigure rsyslog:<\/p>\n<pre><code class=\"\" data-line=\"\">echo if \\$programname contains \\&#039;ismet\\&#039; then \/var\/log\/kismet.log &gt;&gt; \/etc\/rsyslog.d\/kismet.conf\necho \\&amp; \\~ &gt;&gt; \/etc\/rsyslog.d\/kismet.conf\nservice rsyslog restart\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Change the path to the file from which the plugin will read logs:<\/p>\n<pre><code class=\"\" data-line=\"\">sed -i -e &quot;s@\/var\/log\/syslog@\/var\/log\/kismet.log@&quot; \/etc\/ossim\/agent\/plugins\/kismet.cfg\n<\/code><\/pre>\n<p class=\"content html_format\">Now enable the plugin that will process the kismet logs: leave the shell with the exit command to return to the OSSIM menu and enable the plugin:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" 
data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/7ab\/8ad\/7e3\/7ab8ad7e3241442387d259c37b2c97c4.gif?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nIf everything was done correctly, the logs will appear under \"Analysis -&gt; Security Events (SIEM)\":<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/2ee\/a5b\/e00\/2eea5be00ddf4405baf24136b2a6011c.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><\/p>\n<h6 style=\"text-align: justify;\"><a name=\"245\"><\/a>Configuring XML log import<\/h6>\n<p class=\"content html_format\" style=\"text-align: justify;\">What remains is to configure the import of XML-format logs from Debian.<br \/>\nThis is needed so that OSSIM receives not only alerts but all available data about nearby Wi-Fi clients and 
networks, which will later be shown under Environment -&gt; Detection -&gt; Wireless IDS.<br \/>\nSet up passwordless SSH authentication so that the script that fetches the XML reports and cleans them off the sensor works correctly.<br \/>\nOn OSSIM, run:<\/p>\n<pre><code class=\"\" data-line=\"\">ssh-keygen\nssh-copy-id root@10.67.68.10\n<\/code><\/pre>\n<p class=\"content html_format\"><img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/2e9\/305\/9be\/2e93059beeb7466cb8869c9f893a24c7.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nNow create the file\u00a0<b>\/etc\/cron.hourly\/kismet\u00a0<\/b>with the following contents:<\/p>\n<pre><code class=\"\" data-line=\"\">#!\/bin\/bash\n\/usr\/bin\/perl \/usr\/share\/ossim\/www\/wireless\/fetch_kismet.pl\n<\/code><\/pre>\n<p class=\"content 
html_format\" style=\"text-align: justify;\">Copy the script itself:<\/p>\n<pre><code class=\"\" data-line=\"\">cp \/usr\/share\/ossim\/www\/wireless\/kismet_sites.pl \/var\/ossim\/kismet\/kismet_sites.pl\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">And set the address in it:<\/p>\n<pre><code class=\"\" data-line=\"\">echo \\$sites{\\&#039;10.67.68.10\\&#039;}=\\&#039;\/var\/log\/kismet\\&#039;\\; &gt;&gt; \/var\/ossim\/kismet\/kismet_sites.pl<\/code><\/pre>\n<h6 style=\"text-align: justify;\"><a name=\"246\"><\/a>Configuring the sensor<\/h6>\n<p class=\"content html_format\">Now go to the web interface:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/38b\/0d2\/894\/38b0d289400246558ca9dda8d7f1f403.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/>Add a new sensor:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/6a3\/302\/8f5\/6a33028f533b473ea11f7f0e4640d450.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThe sensor 
status will show a red cross; that is expected:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/824\/a0b\/d3e\/824a0bd3e2044316a73dfe0998052448.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nNow go to Environment -&gt; Detection -&gt; Wireless IDS and add the location and the sensor:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/4b1\/196\/15e\/4b119615ec094ca39c22cf93734fbb1e.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/3f8\/ced\/82e\/3f8ced82e264468e9023131a1e1e3952.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" 
data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/e51\/b12\/19f\/e51b1219f6a9433a8e8202e292aec085.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter lazyload\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/a51\/349\/1d5\/a513491d57a54e1883fafdd4840cca27.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/><br \/>\nThen run the command:<\/p>\n<pre><code class=\"\" data-line=\"\">\/usr\/bin\/perl \/usr\/share\/ossim\/www\/wireless\/fetch_kismet.pl\n<\/code><\/pre>\n<p class=\"content html_format\">On success we get:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/7ee\/d66\/5d1\/7eed665d16984bd3971329e38fd24fb6.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nAfter this step, data will appear under Environment -&gt; Detection -&gt; Wireless IDS:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" 
data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/857\/c9a\/5bf\/857c9a5bf4af4c2882411a64f7513e86.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/p>\n<h5 style=\"text-align: justify;\"><a name=\"25\"><\/a>Configuring system log collection<\/h5>\n<p class=\"content html_format\" style=\"text-align: justify;\">We will configure log collection from VMware ESXi, a Windows server and Ubuntu.<br \/>\nTo collect logs, the following steps are needed:<\/p>\n<ol style=\"text-align: justify;\">\n<li>Configure the hosts to send logs to OSSIM<\/li>\n<li>Check which file the OSSIM plugin that processes the events reads logs from<\/li>\n<li>Configure rsyslog to write the logs from the hosts to separate 
files<\/li>\n<li>Enable the plugin<\/li>\n<li>Verify that it works<\/li>\n<\/ol>\n<h6 style=\"text-align: justify;\"><a name=\"251\"><\/a>VMware<\/h6>\n<p class=\"content html_format\">First configure log forwarding on ESXi; to do this, open the advanced settings:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/bd5\/fd9\/7ed\/bd5fd97ed32c4768b60e02490e6f977c.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nAnd enable sending logs over UDP:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/8c5\/853\/71f\/8c585371f0e14b1fb895b4b8dbe4d6e7.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nThen check 
where the ESXi plugin will read logs from:<\/p>\n<pre><code class=\"\" data-line=\"\">cat \/etc\/ossim\/agent\/plugins\/vmware-esxi.cfg | grep location\n<\/code><\/pre>\n<p class=\"content html_format\"><img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/c26\/80f\/b85\/c2680fb85cc34946bb4f4d5d01c51ec8.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nConfigure rsyslog:<\/p>\n<pre><code class=\"\" data-line=\"\">echo if \\$fromhost-ip == \\&#039;10.1.193.76\\&#039; then -\/var\/log\/vmware-esxi.log &gt;&gt; \/etc\/rsyslog.d\/esxi.conf\nservice rsyslog restart\n<\/code><\/pre>\n<p class=\"content html_format\">Now enable the plugin; connect to OSSIM over SSH:<a name=\"2511\"><\/a><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/f48\/4d0\/706\/f484d0706be642d1b353cd26e43e4a90.gif?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nOpen Analysis -&gt; Security Events (SIEM) and check:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" 
data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/c68\/28a\/e6b\/c6828ae6bed84241b486148bb28b3c58.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/p>\n<h6 style=\"text-align: justify;\"><a name=\"252\"><\/a>Windows Server<\/h6>\n<p class=\"content html_format\">To send logs from Windows we need the program\u00a0<a href=\"http:\/\/sourceforge.net\/projects\/snare\/\">Snare<\/a>, which can send system logs in syslog format.<br \/>\nDownload and run it:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/1f1\/2b9\/125\/1f12b91258a145c3b914273829850b98.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nEnable web access:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/659\/c48\/4d8\/659c484d842948c6b3af827ce742bbe7.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" 
class=\"lazyload\" \/><br \/>\nFinish the installation:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/b95\/d30\/909\/b95d309091d54ed5a30395c43dcbed0e.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nOpen this address in a browser:\u00a0<a href=\"http:\/\/localhost\">localhost<\/a>:6161<br \/>\nEnter the login snare and the password that was set during installation, go to \"Network configuration\" and specify:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/d92\/842\/fd7\/d92842fd71cc406f84d0a14d11f6d739.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/914\/494\/260\/914494260438407db4f8a414a1da7741.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" 
\/><br \/>\nThen save the settings, open a console and restart snare:<\/p>\n<pre><code class=\"\" data-line=\"\">net stop snare\nnet start snare\n<\/code><\/pre>\n<p class=\"content html_format\"><img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/2c1\/018\/2c4\/2c10182c48cf4f9897513c2ae04f6248.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nCheck where the plugin reads logs from:<\/p>\n<pre><code class=\"\" data-line=\"\">cat \/etc\/ossim\/agent\/plugins\/snare.cfg | grep location\n<\/code><\/pre>\n<p class=\"content html_format\"><img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/ce5\/9a4\/7d1\/ce59a47d11ca43f3869353c003858bec.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nNow configure rsyslog. 
The rsyslog settings already contain a preinstalled snare config (zzzzz_snare.conf), which we will now adjust slightly, following the\u00a0<a href=\"https:\/\/www.alienvault.com\/forums\/discussion\/2371\/snare-logs-show-up-in-syslog-but-not-the-siem-gui\">OSSIM forum<\/a>, by replacing just 1 parameter:<\/p>\n<pre><code class=\"\" data-line=\"\">sed -i -e &quot;s@msg@rawmsg@&quot; \/etc\/rsyslog.d\/zzzzz_snare.conf\nservice rsyslog restart\n<\/code><\/pre>\n<p class=\"content html_format\">Now configure the plugin in the same way as for\u00a0<a href=\"#2511\">VMware<\/a>, except for the choice of the plugin itself:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/b6c\/838\/949\/b6c8389498b34c63aad667d88fad13b0.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nAfter the 
restart, check in Analysis -&gt; Security Events (SIEM):<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/1bb\/d27\/9aa\/1bbd279aa9fc44628a25519010a9af8b.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/p>\n<h6 style=\"text-align: justify;\"><a name=\"253\"><\/a>Ubuntu<\/h6>\n<p class=\"content html_format\" style=\"text-align: justify;\">We will use rsyslog to configure Ubuntu. Connect to Ubuntu over SSH and configure log forwarding to OSSIM:<\/p>\n<pre><code class=\"\" data-line=\"\">echo &quot;*.* @10.1.193.123&quot; &gt; \/etc\/rsyslog.d\/alienvault.conf\nservice rsyslog restart\n<\/code><\/pre>\n<p class=\"content html_format\">Check where the plugin reads logs from:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/44c\/b34\/f83\/44cb34f83d6b48d594a4c2a949bd110d.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/p>\n<pre><code class=\"\" data-line=\"\">cat 
\/etc\/ossim\/agent\/plugins\/syslog.cfg\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Change the path to the log file:<\/p>\n<pre><code class=\"\" data-line=\"\">sed -i -e &quot;s@\/var\/log\/syslog@\/var\/log\/ubuntusyslog.log@&quot; \/etc\/ossim\/agent\/plugins\/syslog.cfg\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Now configure rsyslog on OSSIM:<\/p>\n<pre><code class=\"\" data-line=\"\">echo if \\$fromhost-ip == \\&#039;10.1.193.77\\&#039; then -\/var\/log\/ubuntusyslog.log &gt;&gt; \/etc\/rsyslog.d\/ubuntu.conf\nservice rsyslog restart\n<\/code><\/pre>\n<p class=\"content html_format\">Enable the plugin in the same way as in the\u00a0<a href=\"#2511\">previous sections<\/a>, only choose the appropriate one in the plugin list:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/3d6\/dce\/7b4\/3d6dce7b472c4a17ae70d616973e2305.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nApply and check:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" 
data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/aef\/a95\/1fb\/aefa951fbf96493d983a4a00fd5995c1.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/p>\n<h6 style=\"text-align: justify;\"><a name=\"254\"><\/a>Note<\/h6>\n<p class=\"content html_format\">If, after selecting &quot;Apply changes&quot;, you did not see the &quot;AlienVault Reconfig&quot; window,<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/66e\/604\/efb\/66e604efbbed4a108db2beeba18a681a.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nreboot OSSIM (this bug appears from time to time in the latest version, 4.15.2).<br \/>\nTo fix problems with parsing logs in the cp1251 encoding (Cyrillic), do the following:<br 
\/>\nIn the file<b>\u00a0\/usr\/share\/alienvault\/ossim-agent\/ParserDatabase.py<\/b>\u00a0at line 288, after:<\/p>\n<pre><code class=\"\" data-line=\"\">                        if len(ret) &gt; 0:\n                            #We have to think about event order when processing\n                            cVal = ret[len(ret) - 1][ref]\n                            for e in ret:\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Insert:<\/p>\n<pre><code class=\"\" data-line=\"\">                                e=list(e)\n                                x=[x.decode(&#039;cp1251&#039;).encode(&#039;utf8&#039;) if isinstance(x, basestring) else x for x in e] ## change for encoding cp1251\n                                e=x\n                                e=tuple(e)\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">In the file<b>\u00a0\/usr\/share\/alienvault\/ossim-agent\/TailFollowBookmark.py<\/b>\u00a0at line 163, after:<\/p>\n<pre><code class=\"\" data-line=\"\">    def _open_file(self, fromrotate=False):\n        &quot;&quot;&quot;\n        Opens the file and seeks to the specified position based on\n        the keyword arguments: offset and whence.  
Furthermore, the\n        _current_file attribute is set as a side-effect.\n\n        fromrotate: Indicates if the file is opened when a\n                    log rotation is detected\n        &quot;&quot;&quot;\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\">Insert:<\/p>\n<pre><code class=\"\" data-line=\"\">        if &quot;alerts.log&quot; in self.filename:\n            self.encode=&#039;cp1251&#039;\n        else:\n            self.encode=&#039;utf8&#039;\n<\/code><\/pre>\n<p class=\"content html_format\" style=\"text-align: justify;\"><a href=\"https:\/\/www.alienvault.com\/forums\/discussion\/2143\/russian-charcter-in-my-sql-database#latest\">Link to the forum thread<\/a> where the encoding problem was discussed.<br \/>\nMany thanks to user\u00a0<a class=\"user_link\" href=\"https:\/\/habrahabr.ru\/users\/dolph2005\/\">dolph2005<\/a> for the information on fixing this bug.<\/p>\n<h5 style=\"text-align: justify;\"><a name=\"26\"><\/a>Integration with ArcSight<\/h5>\n<p class=\"content html_format\" style=\"text-align: justify;\">Now let&#039;s try to set up integration between OSSIM and the SIEM system\u00a0<a 
href=\"http:\/\/www8.hp.com\/ru\/ru\/software-solutions\/siem-security-information-event-management\/\">ArcSight<\/a>.<br \/>\nSuch a combination can save tens of millions on ArcSight licenses if, besides its main office, a company has dozens of small branch offices that need to be protected and monitored.<br \/>\nThe goal of this section is to send ArcSight logs that OSSIM has already correlated, instead of correlating them on the ArcSight side and increasing its load.<br \/>\nTo do this, install a connector (connector type
Syslog) and add the following FlexAgent:<\/p>\n<pre><code class=\"\" data-line=\"\"># FlexAgent Regex Configuration File\ndo.unparsed.events=true\nregex=\\\\D+ AV-FREE-FEED (\\\\D+) DST_IP -- SRC_IP: (\\\\d{1,3}\\\\.\\\\d{1,3}\\\\.\\\\d{1,3}\\\\.\\\\d{1,3}) , DST_IP: (\\\\d{1,3}\\\\.\\\\d{1,3}\\\\.\\\\d{1,3}\\\\.\\\\d{1,3}), Alarm: directive_event: AV-FREE-FEED \\\\D+ (\\\\d) (.*)\ntoken.count=5\ntoken[0].name=Event_Name\ntoken[0].type=String\ntoken[1].name=SRC_IP\ntoken[1].type=IPAddress\ntoken[2].name=DST_IP\ntoken[2].type=IPAddress\ntoken[3].name=Dev_Severity\ntoken[3].type=String\ntoken[4].name=Event_Message\ntoken[4].type=String\nevent.name=Event_Name\nevent.sourceAddress=SRC_IP\nevent.destinationAddress=DST_IP\nevent.deviceSeverity=Dev_Severity\nevent.message=Event_Message\nevent.deviceVendor=__getVendor(AlienVault)\nevent.deviceProduct=__stringConstant(OSSIM)\n<\/code><\/pre>\n<p class=\"content html_format\">Place it in the connector folder, under &quot;<b>user\\agent\\flexagent\\syslog<\/b>&quot;. 
Name the file &quot;<b>ossim.sdkrfilereader.properties<\/b>&quot;.<br \/>\nIn the file agent.properties, change the line agents[0].customsubagentlist by adding &quot;ossim&quot; to it, for example:<br \/>\nagents[0].customsubagentlist= ossim|ciscopix_syslog|netscreen_syslog|\u2026<br \/>\nAnd set the line agents[0].usecustomsubagentlist to true.<br \/>\nNext, go to the OSSIM settings:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/6fa\/dfb\/a40\/6fadfba40ca842479de7d50fdd6d7751.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/>And enable sending alarms to syslog:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/e1f\/cf2\/24a\/e1fcf224acf045d39f3bcfb74b0e9a87.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nThen configure log forwarding in rsyslog on OSSIM.<br \/>\nIn the file
\/etc\/rsyslog.conf add the line:<br \/>\n*.* @ip.of.your.Flex.agent<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/946\/e2b\/46a\/946e2b46a3ae4fe4989b67d20a6a11c8.png?w=1290&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><br \/>\nAfter that, already parsed and correlated logs will appear in the ArcSight connector:<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" style=\"margin-left: auto; margin-right: auto;\" data-src=\"https:\/\/i0.wp.com\/habrastorage.org\/files\/198\/605\/f59\/198605f591de4e3eab5f00595451d77d.png?w=740&#038;ssl=1\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/p>\n<h4 style=\"text-align: justify;\">Sources used<\/h4>\n<ul>\n<li style=\"text-align: justify;\"><a href=\"http:\/\/en.wikipedia.org\/wiki\/OSSIM\">en.wikipedia.org\/wiki\/OSSIM<\/a><\/li>\n<li style=\"text-align: justify;\"><a href=\"https:\/\/alienvault.bloomfire.com\">alienvault.bloomfire.com<\/a><\/li>\n<li style=\"text-align: justify;\"><a 
href=\"https:\/\/www.alienvault.com\/forums\">www.alienvault.com\/forums<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>OSSIM (Open Source Security Information Management) \u2014 \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\u00a0<\/p>\n","protected":false},"author":1501,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3],"tags":[],"class_list":["post-12437","post","type-post","status-publish","format-standard","hentry","category-review"],"blocksy_meta":[],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"uk","enabled_languages":["ru","uk"],"languages":{"ru":{"title":true,"content":true,"excerpt":false},"uk":{"title":false,"content":false,"excerpt":false}}},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/\" \/>\n<meta property=\"og:locale\" 
content=\"uk_UA\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e\" \/>\n<meta property=\"og:url\" content=\"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/\" \/>\n<meta property=\"og:site_name\" content=\"LinuxTheBest\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/UserAndLINUX\" \/>\n<meta property=\"article:published_time\" content=\"2017-08-21T20:49:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-06T04:32:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/habrastorage.org\/files\/ddc\/648\/b54\/ddc648b54536462b8db7b3795d3f5bfc.gif\" \/>\n<meta name=\"author\" content=\"ViGo\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@UserAndLINUX\" \/>\n<meta name=\"twitter:site\" content=\"@UserAndLINUX\" \/>\n<meta name=\"twitter:label1\" content=\"\u041d\u0430\u043f\u0438\u0441\u0430\u043d\u043e\" \/>\n\t<meta name=\"twitter:data1\" content=\"ViGo\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u041f\u0440\u0438\u0431\u043b. 
\u0447\u0430\u0441 \u0447\u0438\u0442\u0430\u043d\u043d\u044f\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 \u0445\u0432\u0438\u043b\u0438\u043d\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/\"},\"author\":{\"name\":\"ViGo\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#\\\/schema\\\/person\\\/04b999a1ca3dcb92f80611ae9a4e29d1\"},\"headline\":\"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e\",\"datePublished\":\"2017-08-21T20:49:52+00:00\",\"dateModified\":\"2023-07-06T04:32:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/\"},\"wordCount\":1982,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/habrastorage.org\\\/files\\\/ddc\\\/648\\\/b54\\\/ddc648b54536462b8db7b3795d3f5bfc.gif\",\"articleSection\":[\"\u041e\u0431\u0437\u043e\u0440\u044b\"],\"inLanguage\":\"uk\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/\",\"url\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/\",\"name\":\"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/habrastorage.org\\\/files\\\/ddc\\\/648\\\/b54\\\/ddc648b54536462b8db7b3795d3f5bfc.gif\",\"datePublished\":\"2017-08-21T20:49:52+00:00\",\"dateModified\":\"2023-07-06T04:32:41+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/#breadcrumb\"},\"inLanguage\":\"uk\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"uk\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/#primaryimage\",\"url\":\"https:\\\/\\\/habrastorage.org\\\/files\\\/ddc\\\/648\\\/b54\\\/ddc648b54536462b8db7b3795d3f5bfc.gif\",\"contentUrl\":\"https:\\\/\\\/habrastorage.org\\\/files\\\/ddc\\\/648\\\/b54\\\/ddc648b54536462b8db7b3795d3f5bfc.gif\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u0413\u043b\u0430\u0432\u043d\u0430\u044f\",\"item\":\"https:\\\/\\\/linuxthebest.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u041e\u0431\u0437\u043e\u0440\u044b\",\"item\":\"https:\\\/\\\/linuxthebest.net\\\/review\\\/\"},{\"@type\":\"ListItem\",\"position
\":3,\"name\":\"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#website\",\"url\":\"https:\\\/\\\/linuxthebest.net\\\/\",\"name\":\"LinuxTheBest\",\"description\":\"\u0412\u0430\u0448 \u043f\u0440\u043e\u0432\u0456\u0434\u043d\u0438\u043a \u0443 \u0434\u0438\u0432\u043e\u0432\u0438\u0436\u043d\u0438\u0439 \u0441\u0432\u0456\u0442 Linux\",\"publisher\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/linuxthebest.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"uk\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#organization\",\"name\":\"UALinux\",\"url\":\"https:\\\/\\\/linuxthebest.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"uk\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/linuxthebest.net\\\/wp-content\\\/uploads\\\/2010\\\/06\\\/UALinux.png\",\"contentUrl\":\"https:\\\/\\\/linuxthebest.net\\\/wp-content\\\/uploads\\\/2010\\\/06\\\/UALinux.png\",\"width\":270,\"height\":73,\"caption\":\"UALinux\"},\"image\":{\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/UserAndLINUX\",\"https:\\\/\\\/x.com\\\/UserAndLINUX\",\"https:\\\/\\\/www.linkedin.com\\\/groups\\\/7487863\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/#\\\/schema\\\/person\\\/04
b999a1ca3dcb92f80611ae9a4e29d1\",\"name\":\"ViGo\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"uk\",\"@id\":\"https:\\\/\\\/linuxthebest.net\\\/wp-content\\\/uploads\\\/rcl-uploads\\\/avatars\\\/1501-150.jpg?ver=1593467766\",\"url\":\"https:\\\/\\\/linuxthebest.net\\\/wp-content\\\/uploads\\\/rcl-uploads\\\/avatars\\\/1501-150.jpg?ver=1593467766\",\"contentUrl\":\"https:\\\/\\\/linuxthebest.net\\\/wp-content\\\/uploads\\\/rcl-uploads\\\/avatars\\\/1501-150.jpg?ver=1593467766\",\"caption\":\"ViGo\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/","og_locale":"uk_UA","og_type":"article","og_title":"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e","og_url":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/","og_site_name":"LinuxTheBest","article_publisher":"https:\/\/www.facebook.com\/UserAndLINUX","article_published_time":"2017-08-21T20:49:52+00:00","article_modified_time":"2023-07-06T04:32:41+00:00","og_image":[{"url":"https:\/\/habrastorage.org\/files\/ddc\/648\/b54\/ddc648b54536462b8db7b3795d3f5bfc.gif","type":"","width":"","height":""}],"author":"ViGo","twitter_card":"summary_large_image","twitter_creator":"@UserAndLINUX","twitter_site":"@UserAndLINUX","twitter_misc":{"\u041d\u0430\u043f\u0438\u0441\u0430\u043d\u043e":"ViGo","\u041f\u0440\u0438\u0431\u043b. \u0447\u0430\u0441 \u0447\u0438\u0442\u0430\u043d\u043d\u044f":"5 \u0445\u0432\u0438\u043b\u0438\u043d"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/#article","isPartOf":{"@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/"},"author":{"name":"ViGo","@id":"https:\/\/linuxthebest.net\/#\/schema\/person\/04b999a1ca3dcb92f80611ae9a4e29d1"},"headline":"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e","datePublished":"2017-08-21T20:49:52+00:00","dateModified":"2023-07-06T04:32:41+00:00","mainEntityOfPage":{"@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/"},"wordCount":1982,"commentCount":0,"publisher":{"@id":"https:\/\/linuxthebest.net\/#organization"},"image":{"@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/#primaryimage"},"thumbnailUrl":"https:\/\/habrastorage.org\/files\/ddc\/648\/b54\/ddc648b54536462b8db7b3795d3f5bfc.gif","articleSection":["\u041e\u0431\u0437\u043e\u0440\u044b"],"inLanguage":"uk","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/","url":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/","name":"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e","isPartOf":{"@id":"https:\/\/linuxthebest.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/#primaryimage"},"image":{"@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/#primaryimage"},"thumbnailUrl":"https:\/\/habrastorage.org\/files\/ddc\/648\/b54\/ddc648b54536462b8db7b3795d3f5bfc.gif","datePublished":"2017-08-21T20:49:52+00:00","dateModified":"2023-07-06T04:32:41+00:00","breadcrumb":{"@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/#breadcrumb"},"inLanguage":"uk","potentialAction":[{"@type":"ReadAction","target":["https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/"]}]},{"@type":"ImageObject","inLanguage":"uk","@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/#primaryimage","url":"https:\/\/habrastorage.org\/files\/ddc\/648\/b54\/ddc648b54536462b8db7b3795d3f5bfc.gif","contentUrl":"https:\/\/habrastorage.org\/files\/ddc\/648\/b54\/ddc648b54536462b8db7b3795d3f5bfc.gif"},{"@type":"BreadcrumbList","@id":"https:\/\/linuxthebest.net\/ossim-razvorachivaem-kompleksnuyu-open-source-sistemu-upravleniya-bezopasnostyu\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u0413\u043b\u0430\u0432\u043d\u0430\u044f","item":"https:\/\/linuxthebest.net\/"},{"@type":"ListItem","position":2,"name":"\u041e\u0431\u0437\u043e\u0440\u044b","item":"https:\/\/linuxthebest.net\/review\/"},{"@type":"ListItem","position":3,"name":"OSSIM \u2014 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0443\u044e open source 
\u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e"}]},{"@type":"WebSite","@id":"https:\/\/linuxthebest.net\/#website","url":"https:\/\/linuxthebest.net\/","name":"LinuxTheBest","description":"\u0412\u0430\u0448 \u043f\u0440\u043e\u0432\u0456\u0434\u043d\u0438\u043a \u0443 \u0434\u0438\u0432\u043e\u0432\u0438\u0436\u043d\u0438\u0439 \u0441\u0432\u0456\u0442 Linux","publisher":{"@id":"https:\/\/linuxthebest.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/linuxthebest.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"uk"},{"@type":"Organization","@id":"https:\/\/linuxthebest.net\/#organization","name":"UALinux","url":"https:\/\/linuxthebest.net\/","logo":{"@type":"ImageObject","inLanguage":"uk","@id":"https:\/\/linuxthebest.net\/#\/schema\/logo\/image\/","url":"https:\/\/linuxthebest.net\/wp-content\/uploads\/2010\/06\/UALinux.png","contentUrl":"https:\/\/linuxthebest.net\/wp-content\/uploads\/2010\/06\/UALinux.png","width":270,"height":73,"caption":"UALinux"},"image":{"@id":"https:\/\/linuxthebest.net\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/UserAndLINUX","https:\/\/x.com\/UserAndLINUX","https:\/\/www.linkedin.com\/groups\/7487863\/"]},{"@type":"Person","@id":"https:\/\/linuxthebest.net\/#\/schema\/person\/04b999a1ca3dcb92f80611ae9a4e29d1","name":"ViGo","image":{"@type":"ImageObject","inLanguage":"uk","@id":"https:\/\/linuxthebest.net\/wp-content\/uploads\/rcl-uploads\/avatars\/1501-150.jpg?ver=1593467766","url":"https:\/\/linuxthebest.net\/wp-content\/uploads\/rcl-uploads\/avatars\/1501-150.jpg?ver=1593467766","contentUrl":"https:\/\/linuxthebest.net\/wp-content\/uploads\/rcl-uploads\/avatars\/1501-150.jpg?ver=1593467766","caption":"ViGo"
}}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p7Dc7N-3eB","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/posts\/12437","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/users\/1501"}],"replies":[{"embeddable":true,"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/comments?post=12437"}],"version-history":[{"count":2,"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/posts\/12437\/revisions"}],"predecessor-version":[{"id":28631,"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/posts\/12437\/revisions\/28631"}],"wp:attachment":[{"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/media?parent=12437"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/categories?post=12437"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/linuxthebest.net\/uk\/wp-json\/wp\/v2\/tags?po
st=12437"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}