Snort in Pfsense



  • Hi,

    I am new with snort in pfsense, I just want to know if there are guidelines on the meaning of the alert description.

    I am getting alert like:
    SHELLCODE x86 inc ecx NOOP
    ET POLICY PE EXE or DLL Windows file download

    I am not sure if this description is a valid attack or not, basically how do I know if someone is trying to access our network or is snort well configured to prevent other person from unauthorized access.

    I do apologized for the ignorance hoping someone will explain and give me more detailed explanation on how to use the snort in pfsense for auditing and preventing attacks on the network.

    Thanks.




Log in to reply