Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort Help

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      ahmedmm86
      last edited by

      I am so happy to use pfsense it's the best firewall for me.
      i want to use SNORT only to detect and block (ARP spoofing) attacks on LAN and OPT1.
      i read that snort can do (Detection of ARP spoofing) in the sticky topic, i haven't any expert about snort.
      which rules can do (my goal)?
      i am runing pfsense 1.2.3  -  snort Stable
      2.8.5.3 pkg v. 1.25 .

      1 Reply Last reply Reply Quote 0
      • G
        g4m3c4ck
        last edited by

        Rules are maintained by http://www.snort.org if you want only ARP I suggest you read up on it. Google is your friend.

        1 Reply Last reply Reply Quote 0
        • A
          ahmedmm86
          last edited by

          thanks for your reply.
          before poting this, i tried to do it myself, but i failed
          i want to know how to configure snort to do this, i don't know which rules or rules category can do this (Detection of ARP spoofing) and block this?

          1 Reply Last reply Reply Quote 0
          • G
            g4m3c4ck
            last edited by

            I used my own suggestion and googled this page for you since you were lacking the necessary skills to do so yourself
            http://forum.pfsense.org/index.php?topic=18926.0;prev_next=prev

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.