Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Setting up Suricata

    Scheduled Pinned Locked Moved IDS/IPS
    1 Posts 1 Posters 425 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bodhi
      last edited by

      Greetings

      New to this concept of pfSense, Suricata etc etc

      Great source of info here, but am struggling to understand the concept. Please can someone help me?

      I have setup pfsense andit is working great. I now introduced Suricata to it. All traffic going though seems to be blocked.  Here is what I have done so far:

      I started adding entries to the SID Management for some of the repeating messages.
      I also started to create Firewall Aliases for known services like Apple (17.0.0.0/24), Some Microsoft and some others.

      Now, question I have is, is this how this thing works? Do I have to keep adding IP addresses to aliases? Are there any lists available readily?

      Or am I going completely wrongway?

      Thanks for your help.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.