3. Snort: Rules with flow:established won't trigger alerts?

Snort: Rules with flow:established won't trigger alerts?

  • J

    Hi all,

    I've been struggling with getting Snort rules to trigger alerts. After 3 days of testing I finally manage to trigger alerts, but only after removing flow:established from all the rules… I've search Google for it and found that many people seems to have the very same problem. But sad enough, no solution was to be found.
    Has anyone here had the same problem?
    pfSense 2.0.1-RELEASE (amd64), Snort 2.9.1 pkg v. 2.1.1

    Have a nice day all!

    Cheers,
    Jack-Benny

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy