Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    snort

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 3 Posters 644 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      am.steen
      last edited by am.steen

      I have snort enabled and configured for IDS/IPS but I need to make sure it is working.
      so I searches google for top infected web sites and try many of them but most of them are not working.
      My question how to get any web site blocked in snort rules for testing ??

      S NogBadTheBadN 2 Replies Last reply Reply Quote 0
      • S Offline
        SteveITS Rebel Alliance @am.steen
        last edited by

        In normal use across many clients it's pretty common for alerts to show up in daily usage even when running on LAN. Of course it all depends on the rules activated. Is Snort started on the interface?

        There is an IDS forum with a quick setup doc.

        Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 0
        • NogBadTheBadN Offline
          NogBadTheBad @am.steen
          last edited by

          @am-steen Try scanning your WAN IP with shields up:-
          https://www.grc.com/

          Andy

          1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

          A 1 Reply Last reply Reply Quote 0
          • A Offline
            am.steen @NogBadTheBad
            last edited by

            @nogbadthebad
            I try and it is ok
            "THE EQUIPMENT AT THE TARGET IP ADDRESS
            DID NOT RESPOND TO OUR UPnP PROBES!"

            Is there any other sites to test IDS on my firewall ??

            NogBadTheBadN 1 Reply Last reply Reply Quote 0
            • NogBadTheBadN Offline
              NogBadTheBad @am.steen
              last edited by

              @am-steen Only you installing nmap / ncat / netcat and you trying from the internet yourself.

              Andy

              1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.