Important packages to stop hackers
-
HI all
I can now log into the admin page on the web, I only use IPv4 and link local on IPv6.
What packages are important to stop hackers?Should I enable interface on both LAN and WAN on Snort and Suricata?
-
@Firewalldude89 inbound traffic on WAN is disallowed by default.
Donโt run both Snort and Suricata, they do the same thing. I suggest Suricata as Snort on pfSense apparently has a limited life. Run it on LAN so you can see which PCs are triggering alerts.
Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote ๐ helpful posts! -
@SteveITS Thanks, I think there is a considerable breakthrough now on this technology issue.
Am such a stressed tech noob on this, but am learning -
@SteveITS Is it unnecessary to run it on WAN?
-
@Firewalldude89 IDS on WAN will work but runs outside the firewall so will scan every inbound packet even ones that will be immediately dropped. On LAN it will scan only allowed packets.
-
@SteveITS How do I turn WAN on and turn the default setting off?
-
@SteveITS said in Important packages to stop hackers:
I suggest Suricata as Snort on pfSense apparently has a limited life.
I currently run Snort. Is EOL planned for it? If so when I finish transferring to my new 8200 I will set up Suricata.
Phizix
-
@Phizix see https://forum.netgate.com/topic/180501/snort-v3/5
Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote ๐ helpful posts! -
@Firewalldude89 for Suricata? It has a page to add/copy/delete it on an interface.
-
Thank you that was helpful. So I will plan on moving to Suricata on the 8200 when I get it all set up.
Phizix
