Snort Help
-
I am so happy to use pfsense it's the best firewall for me.
i want to use SNORT only to detect and block (ARP spoofing) attacks on LAN and OPT1.
i read that snort can do (Detection of ARP spoofing) in the sticky topic, i haven't any expert about snort.
which rules can do (my goal)?
i am runing pfsense 1.2.3 - snort Stable
2.8.5.3 pkg v. 1.25 . -
Rules are maintained by http://www.snort.org if you want only ARP I suggest you read up on it. Google is your friend.
-
thanks for your reply.
before poting this, i tried to do it myself, but i failed
i want to know how to configure snort to do this, i don't know which rules or rules category can do this (Detection of ARP spoofing) and block this? -
I used my own suggestion and googled this page for you since you were lacking the necessary skills to do so yourself
http://forum.pfsense.org/index.php?topic=18926.0;prev_next=prev