Suricata IOS blocked
-
which rule set has IOS apple updates and youtube listed… Cant watch youtube on mobile's
thanks in advance
-
which rule set has IOS apple updates and youtube listed… Cant watch youtube on mobile's
thanks in advance
My first suspicion would be alerts from the stream5 preprocessor. It can give a lot of false positives in some environments. You will need to look on the ALERTS tab to see which alerts are firing on your IOS devices. Should be able to track things down using the IP addresses of the Apple devices to match up with alerts on the ALERTS tab.
Bill
-
thanks Bill…
-
thanks Bill…
Once you locate the offending alerts on the ALERTS tab, you can then decide if they are likely false positives. If you conclude they are, you can simply disable those rules by clicking the red X icon in the column on the far right for GID:SID.
Bill
-
thanks I got it working…. and yes I red X'ed it...
