Hello,
I have a 4 cPanel linux servers with Alma and Cloud Linux.
Is Suricata installed on the server a security product or do I install this on a device between the world and the server?
It’s really up to you.
Suricata is a software project that can passively monitor the network traffic on a network interface. In such a case it could be a separate device or running on the server that is being monitored.
In more advanced scenarios it can also block traffic that it’s configured to, but that’s a bit more advanced.
We don’t really prescribe what’s best as that’s really going to depend on your needs. Which also requires some degree of expertise in networking.
Note that I’m not really sure what “cPanel linux servers” are, but you’ll need root access to run Suricata.
1 Like
Hello,
Thanks for the quick reply. cPanel Linux server is just a linux server used for web hosting. cPanel is a linux control panel to manage most of the server via a web interface.
What you say makes sense. I think I’ll try an installation on a non-production server and see how that does.
We are getting many attacks on our servers from various cloud platforms like Amazon, Digital Ocean and Azure to name a few. When we try IP blocks to prevent brute force attacks they come back trying to spoof local addresses.
I’m hoping this system can help both add to the security our servers and keep the system load down due to malicious network activity.
Do I need an active pluralsight skill plan to be able to download the training VM?
You should only need to be logged in.