Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort and "apt" blocking FYI

    Scheduled Pinned Locked Moved
    IDS/IPS
    2
    2
    221
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Ramosel
      last edited by Ramosel

      Anyone else seeing failures on Raspberry Pi updates? I have 3 systems that update daily (one GPS/NTP server that failed multiple trys) and all three failed. I tried to run the update/upgrades manually and all my online RPi's, regardless of make or software version, were failing. Checking the snort alerts it looks like there was an emerging threat rule blocking apt traffic. My rules updated early this morning. Still I thought this odd. I forced a rule update at 3:55PM PT and now they all update/upgrade just fine.

      I suppose I could have just dropped back to "gets" without "apt", but wanted to fix it rather than band-aid it.

      JonathanLeeJ 1 Reply Last reply Reply Quote 0
      • JonathanLeeJ
        JonathanLee @Ramosel
        last edited by

        @Ramosel try to add the false positive to the surpass list. It won’t block it anymore on Snort

        Make sure to upvote

        1 Reply Last reply Reply Quote 0
        • First post
          Last post