1. Home
  2. pfSense Packages
  3. IDS/IPS
  4. Customizing HOME_NET to bypass Vuln Scanner

Customizing HOME_NET to bypass Vuln Scanner

  • M

    Hey Guys,

    I'm looking to bypass my Nessus vulnerability scanner from Snort inspection. Snort blows up whenever I run these scans so I'd like to suppress this behavior from this one source IP. I try doing this by creating a custom FW alias and excluding the scanner IP of 192.168.3.X. I use this as the HOME_NET variable however it appears the 192.168.3.0/24 subnet is automatically added even though "Add firewall Locally-Attached Networks to the list (excluding WAN)." is UNCHECKED.

    Does anyone know of a way around this or another way of achieving this? Reading previous threads it looks like this is done intentionally. I'd like to keep my external_net as 'ANY' for the added visibility.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy