3. Snort: how to exclude a lan host from scans?

Snort: how to exclude a lan host from scans?

  • C

    How can I exclude a particular host on my lan from all Snort scans?

    I run an offsite backup server behind Pfsense and simultaneously have hundreds of clients connecting to it but also simultaneously get hundreds of false positives for a multitude of Snort rules because of the nature of the data being transmitted.

    i would like to keep my ruleset functioning for all other hosts behind pfsense except this particular hosts. How can this be acheived?

    I tried creating Whitelists and Netlists etc but nothing seems to be doing the trick.

    Any help appreciated.

    Thanks

    0
  • C

    Bump.

    Anyone got any suggestions on this?

    Thanks

    0
  • S

    After creating a whitelist, you have to add it in the Snort Interface Settings to a particular interface.

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy