Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort dont detect P2P traffic

    Scheduled Pinned Locked Moved
    IDS/IPS
    1
    1
    187
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Suricata_CapS
      Suricata_Cap
      last edited by

      Hello together,

      since several weeks, I started to work with snort, set it up and frequently checking the alerts. My Suppress-list and the blocking list become a bit of size. So on one other pfSenses that I'm working with snort on, I became aware of Messages for some kind of P2P File sharing Software named Kazaa. So I want to recreate this message on my "main" pfSense with Snort, for… I don't know, to see if it works and or not. I used uTorrent and BitTorrent and loaded some random Torrents and the Logs stay empty. My pfSense is on Version 2.6.0-RELEASE, Snort is on version 4.1.6. I installed all Rules except the Emerging Threats Open Rules. I also enabled all P2P Rules that are exsisting. So what can I do to detect this traffic?

      Thank you!
      Greetings!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post