4. Customizing HOME_NET to bypass Vuln Scanner

Customizing HOME_NET to bypass Vuln Scanner

  • M

    Hey Guys,

    I'm looking to bypass my Nessus vulnerability scanner from Snort inspection. Snort blows up whenever I run these scans so I'd like to suppress this behavior from this one source IP. I try doing this by creating a custom FW alias and excluding the scanner IP of 192.168.3.X. I use this as the HOME_NET variable however it appears the 192.168.3.0/24 subnet is automatically added even though "Add firewall Locally-Attached Networks to the list (excluding WAN)." is UNCHECKED.

    Does anyone know of a way around this or another way of achieving this? Reading previous threads it looks like this is done intentionally. I'd like to keep my external_net as 'ANY' for the added visibility.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy