securityonion IDS 구축 시 eth1 설정

# vi /etc/network/interface

auto lo

iface lo inet loopback

# Management interface using DHCP (not recommended due to Bro issue described above)

auto eth0

iface eth0 inet dhcp

# OR 

# Management interface using STATIC IP (instead of DHCP)

auto eth0

iface eth0 inet static

  address 192.168.1.14

  gateway 192.168.1.1

  netmask 255.255.255.0

  network 192.168.1.0

  broadcast 192.168.1.255

  # If running Security Onion 12.04, you'll need to configure DNS here

  dns-nameservers 192.168.1.1 192.168.1.2

# AND one or more of the following

# Connected to TAP or SPAN port for traffic monitoring

auto eth1

iface eth1 inet manual

  up ifconfig $IFACE -arp up

  up ip link set $IFACE promisc on

  down ip link set $IFACE promisc off

  down ifconfig $IFACE down

  post-up for i in rx tx sg tso ufo gso gro lro; do ethtool -K $IFACE $i off; done

  # If running Security Onion 12.04, you should also disable IPv6 as follows:

  post-up echo 1 > /proc/sys/net/ipv6/conf/$IFACE/disable_ipv6