Suricata on VPS
-
@sensori said in pfSense on VPS - Setup issue:
@Derelict : Interesting!
My VPS provider doesn't provide a firewall.
It's clear that pfSense would increase the security. So why I shouldn't use it?Maybe you should try Suricata on VPS. You also can integrate it with abuseipdb. I knew before I tried suricata pfSense is not suitable for VPS.
You can setup suricata as IPS mode or you can use its lua script to integrate with CSF do autoblocking, integrate with rblscan, abuseipdb or any ip reputation service. The best to go is Suricata. Some example script that I use: https://gitlab.com/arafatx/maxicode/-/tree/master/usr/local/maxicode/maxicata
-
I split this into a new topic since it's got nothing to do with configuring pfSense in a VPS.
Is this related to pfSense at all?
There is no description of the project at https://gitlab.com/arafatx/maxicode so I'm not sure what exactly you are suggesting here.
Steve
-
What I would guess he is doing is promoting a link to his own site.. His name is the same as the link ;)
This is just spam if you ask me! Look on the site - the author "They call me MaXi32"
Your call - but I would delete this.. Its nothing more than self promotion spam.. And zero to do with pfsense..
-
Yeah, it has many of the hallmarks of spam. But spam for a project on github is new....
-
Not sure if there is so much profit giving gitlab source code for free to help people is considered as spam. I don't mind someone to remove that link (which I couldn't do it now for permission problem).
I'm not sure why Suricata cannot be discussed with pfsense when there are group talk a lot about it. So I recommend him to use Suricata instead of installing pfsense because they both are security software
https://www.reddit.com/r/PFSENSE/comments/ghcher/suricata_in_2020/ (not a new thing when someone discussed about Suricata in PFSENSE group)
It makes sense for me.
-
Its self promotion, doesn't matter where it goes or what it talks about... No different than someone linking to their blog ;)
You can for sure talk about whatever IPS you want, in the IPS section.. Or just in general - but your clearly self promoting here.. But I will leave what happens to your posts up to the higher powers.. If me would just be deleted out right..
-
I have no problem with discussing Suricata it's just that there was no mention of it in that other thread and it was over a year old.
I suggest adding a description of your project in the readme at https://gitlab.com/arafatx/maxicode
Currently it's unclear exactly what it does.
Steve
-
@stephenw10 said in Suricata on VPS:
it's just that there was no mention of it in that other thread and it was over a year old.
Exactly!!! Typical spammer tactic..
-
@johnpoz I don't want to delete this thread only because of misunderstood that you have taken (you can do it as Global Moderator). My aim is to help OP have alternative because nobody suggested him something for VPS. I don't think I'm trying to promote anything (the source code for what?). I don't even have good project in there. Use the code or not I don't care. It's not that I lost something. Maybe a little respect for new comer?
I found that it's a habit of you in some posts for new comer like: 'Maybe use google'? I came to this forum several times because I did googled about Suricata rule and it came out several times for the past few months I have been studying about this new IDS and only today I started to help someone who need help on security on VPS, by giving a free source code that I did, but it's sad to see how new comer is treated bad in this forum. I'm not going to post more. This is my final post. You can delete the whole thread (which I couldn't do).
-
There is no problem discussing your project here, though I'm still not sure exactly what it is.
The only issue here is that it was not applicable to that other thread directly which raised suspicions.
Steve
-
@stephenw10 said in Suricata on VPS:
There is no problem discussing your project here, though I'm still not sure exactly what it is.
The only issue here is that it was not applicable to that other thread directly which raised suspicions.
Steve
I told you that, the link that I posted was not so important, it's just an example of script to run suricata report. I have stated this clearly in the first post as 'example script'. It's not a big project though. I focused more on Suricata but someone focus more on the 'suspected' link.
When someone mentioned that the link is a SPAM. I tried to delete my last sentence which contains that link but I couldn't due to permission problem (I believe this is what moderator role should do ?).
Another thing that make me confused, I gave a direct link related to what I'm trying to discuss (gitlab code related to Suricata implementation + CSF + aipdb) which contains a lot information and code there but you keep asking me a different link to the parent project which definitly I don't put any information there. So, I'm not sure exactly what to share here. If OP has installed Suricata, he will definitely know that Suricata depends on lua script and I have given him an example how to integrate suricata with aipdb and csf firewall.
"The only issue here is that it was not applicable to that other thread directly which raised suspicions."
Given suggestion to OP who needs security on VPS, non-given him solution and I felt like he needs help so I suggested 'Suricata' which I believe have been discussed many times in this forum. Not sure if that is an offensive thing to do.
I welcome myself as a new comer to this forum with a smiley face :)
Found this post via email. So I came back to reply.
-
Yeah, we didn't remove your post because linking to a github is not what your normal spammer would do.
Unfortunately we get a lot of spam here and replies on an old thread that include links are typically where it appears so it got flagged.I would still recommend adding a description there against the parent project since I'm still unsure what that is.
The vast majority of pfSense users would never have tried to use a lua script with Suricata. The package gui takes care of all that.
Steve