3. Help with SNORT

Help with SNORT

  • H

    Hello,

    I am new to snort and am not sure how to properly configure it. I am running PfSence 2.0 RC3 i386 with the latest updates. Can someone give me some screen shots and help with a good solid configuration for my WAN? I have read through the documentation on the Snort and PFsence site, but most if not all of it is for a command line config and not the Pfsence gui. Please help!

    Thanks.

    0

  • First of all, you need to create an oincmaster code at snort site and then paste it at pfsense gui to be able to download snort rules.

    Second step is to update snort rules at gui.

    third step is to tell snort about your network, setting up who is your dns server web server, etc etc.

    fourth step is 'assign' a interface to snort listen on and choose a set of rules you will apply on it.

    Note that you must know a lot of tcp/ip and Networking to understand what snort does and how to setup it correctly.

    att,
    Marcello Coutinho

    0
  • C

    Hi, I'm also new to snort…

    I'm just wondering if there is any easier way to search for a rule.
    I have a lot of them and when I want to review one upon an alert,
    I have to do find the matching one by hand.. The same with suppression....

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy