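#!/usr/bin/env bash
#
# Walkthrough: install Suricata, add four local alert rules (ICMP, FTP/21,
# SSH/22, HTTP/80 towards $HOME_NET), register the rule file in suricata.yaml,
# validate the configuration, restart the service and watch fast.log.
#
# The script is interactive: it opens nano once for the YAML edit and finishes
# in `tail -f` (stop with Ctrl-C).
set -euo pipefail

readonly RULES_DIR=/var/lib/suricata/rules
readonly RULES_FILE="${RULES_DIR}/ASAEL"
readonly CONFIG=/etc/suricata/suricata.yaml

# 1. Install the package.
sudo apt-get update
sudo apt-get install -y suricata

# 2. Create the rules directory. /var/lib/suricata is normally root-owned, so
#    a plain `mkdir rules` fails without sudo; -p also tolerates a directory
#    that the package already created.
sudo mkdir -p -- "$RULES_DIR"

# 3. Write the local rule file (this overwrites an existing ASAEL file).
#    The heredoc delimiter is quoted so the shell does not expand $HOME_NET;
#    Suricata must receive the variable name literally.
#    NOTE(review): the three TCP rules match every packet sent to the port, so
#    fast.log grows quickly on a busy network. Narrowing them with
#    `flow:to_server,established;` or a `threshold` keyword keeps the alert
#    volume usable. The rules only fire for destinations inside HOME_NET, so
#    confirm that variable in the `vars:` section of suricata.yaml.
sudo tee -- "$RULES_FILE" >/dev/null <<'EOF'
alert icmp any any -> $HOME_NET any (msg:"ICMP Hay TRAFICO AQUI"; sid:1000001; rev:1;)
alert tcp any any -> $HOME_NET 21 (msg:"FTP tiene un trafico aqui 21"; sid:1000002; rev:1;)
alert tcp any any -> $HOME_NET 22 (msg:"SSH Este tiene TRAFICO port 22"; sid:1000003; rev:1;)
alert tcp any any -> $HOME_NET 80 (msg:"HTTP Se detecto TRAFICO on port 80"; sid:1000004; rev:1;)
EOF

# 4. Register the rule file. Names under `rule-files:` are resolved relative
#    to `default-rule-path`, so check that it points at RULES_DIR first.
grep -n -- 'default-rule-path' "$CONFIG" || true  # informational only

#    In the editor, make the section read:
#
#      rule-files:
#        - custom.rules
#        - ASAEL
#
#    NOTE(review): custom.rules is not created by any step here; create it in
#    RULES_DIR or leave the entry out, otherwise Suricata reports a rule file
#    it cannot load.
sudo nano "$CONFIG"

# 5. Test the configuration and rules before touching the running service.
#    Under `set -e` a failed test stops the script, so a broken YAML edit or a
#    rule syntax error does not take the sensor down.
sudo suricata -T -c "$CONFIG"

# 6. Restart and confirm the service is active (--no-pager keeps the script
#    from blocking inside a pager).
sudo systemctl restart suricata
sudo systemctl status suricata --no-pager

# Alternative to the service: run Suricata in the foreground on one interface.
# Do not start it while the systemd service is running, since both instances
# would compete for the same log directory. Check the interface name first
# (`ip -br link`); eth0 does not exist on every host.
#
#   sudo systemctl stop suricata
#   sudo suricata -c /etc/suricata/suricata.yaml -i eth0

# 7. Follow the alert log; blocks until interrupted with Ctrl-C.
sudo tail -f /var/log/suricata/fast.log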