The sed command lets you define a pattern of words or text to search for. sed is short for stream editor.
Use the grep command to search the snort.conf file for the word mysql.
┌──(kali㉿kali)-[~]
└─$ sudo cat /etc/snort/snort.conf | grep mysql
[sudo] password for kali:
include $RULE_PATH/mysql.rules
#include $RULE_PATH/server-mysql.rules
┌──(kali㉿kali)-[~]
└─$
Now use sed to change mysql to MySQL.
┌──(kali㉿kali)-[~]
└─$ sudo sed s/mysql/MySQL/g /etc/snort/snort.conf > snort2.conf
┌──(kali㉿kali)-[~]
└─$ cat snort2.conf | grep MySQL
include $RULE_PATH/MySQL.rules
#include $RULE_PATH/server-MySQL.rules
┌──(kali㉿kali)-[~]
└─$ cat snort2.conf | grep mysql
┌──(kali㉿kali)-[~]
└─$
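The `g` substitution above rewrites every occurrence, including the active `include` line, whose file name then no longer matches `mysql.rules` on a case-sensitive filesystem. The following is an added example, not part of the original post, that compares the global replace with one restricted by a sed address to uncommented `include` lines; the sample configuration is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample standing in for /etc/snort/snort.conf (not the real file).
make_sample() {
  cat <<'EOF'
# Step 7: customize your rule set (mysql rules below)
include $RULE_PATH/mysql.rules
#include $RULE_PATH/server-mysql.rules
include $RULE_PATH/local.rules
EOF
}

# Replace everywhere, as in the post: every line containing mysql changes.
replace_all() { sed 's/mysql/MySQL/g'; }

# Replace only on active (uncommented) include lines.
# The /^include / address limits the s command to lines that match it.
replace_active_includes() { sed '/^include /s/mysql/MySQL/g'; }

# Count lines that still contain the lowercase word.
# grep -c exits non-zero when the count is 0, so mask that exit status.
count_lower() { grep -c 'mysql' || true; }

# Print the restricted result so the untouched comment lines are visible.
make_sample | replace_active_includes
```

Writing the result to a separate file, as the post does with `snort2.conf`, keeps the original configuration intact while you compare the two.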
The more command displays only one page at a time.
┌──(kali㉿kali)-[~]
└─$ sudo more /etc/snort/snort.conf
#--------------------------------------------------
# VRT Rule Packages Snort.conf
#
# For more information visit us at:
# http://www.snort.org Snort Website
# http://vrt-blog.snort.org/ Sourcefire VRT Blog
#
# Mailing list Contact: snort-sigs@lists.sourceforge.net
# False Positive reports: fp@sourcefire.com
# Snort bugs: bugs@snort.org
#
# Compatible with Snort Versions:
# VERSIONS : 2.9.7.0
#
# Snort build options:
# OPTIONS : --enable-gre --enable-mpls --enable-targetbased --enable-ppm --enable-perfprofiling --enable-zlib --enable-active-response --enable-normalize
r --enable-reload --enable-react --enable-flexresp3
#
# Additional information:
# This configuration file enables active response, to run snort in
# test mode -T you are required to supply an interface -i <interface>
# or test mode will fail to fully validate the configuration and
# exit with a FATAL error
#--------------------------------------------------
###################################################
# This file contains a sample snort configuration.
# You should take the following steps to create your own custom configuration:
#
# 1) Set the network variables.
--More--(4%)
Press Enter to see additional lines or pages; press q (quit) to exit more.
With less, you can not only scroll through a file as needed but also filter for specific terms.
#--------------------------------------------------
# VRT Rule Packages Snort.conf
#
# For more information visit us at:
# http://www.snort.org Snort Website
# http://vrt-blog.snort.org/ Sourcefire VRT Blog
#
# Mailing list Contact: snort-sigs@lists.sourceforge.net
# False Positive reports: fp@sourcefire.com
# Snort bugs: bugs@snort.org
#
# Compatible with Snort Versions:
# VERSIONS : 2.9.7.0
#
# Snort build options:
# OPTIONS : --enable-gre --enable-mpls --enable-targetbased --enable-ppm --enable-perfprofiling --enable-zlib --enable-active-response --enable-normalizer --enable-reload --enable-react --enable-flexresp3
#
# Additional information:
# This configuration file enables active response, to run snort in
# test mode -T you are required to supply an interface -i <interface>
# or test mode will fail to fully validate the configuration and
# exit with a FATAL error
#--------------------------------------------------
###################################################
# This file contains a sample snort configuration.
# You should take the following steps to create your own custom configuration:
#
# 1) Set the network variables.
/etc/snort/snort.conf
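Notice that the file path is highlighted at the bottom left of the screen. When you press the slash (/) key, less lets you search the file for a specific term. The example below searches for the string 'output'.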
r --enable-reload --enable-react --enable-flexresp3
#
# Additional information:
# This configuration file enables active response, to run snort in
# test mode -T you are required to supply an interface -i <interface>
# or test mode will fail to fully validate the configuration and
# exit with a FATAL error
#--------------------------------------------------
###################################################
# This file contains a sample snort configuration.
# You should take the following steps to create your own custom configuration:
#
# 1) Set the network variables.
/output