3. PfBlocker recommended lists - overlap with Snort

PfBlocker recommended lists - overlap with Snort

  • S

    Hi All,

    New to pfSense, trying to find my way around.

    In pfBlocker, I am currently using:
    Spamhaus DROP
    Spamhaus EDROP
    DShield Most Active Attackers
    Zeus IP Blocklist (BadIPs)

    I have seen lists that include Emerging Threats and iBlocklist but I'm not sure which of these I should use and whether there is an overlap here with Snort (I subscribe to the Snort VRT updates).

    My questions are:
    What do people recommend list wise?
    Are there any overlaps with Snort?
    Is there any way to check that updates to the lists are being downloaded every 12 hours?

    Thanks in advance!

    0
  • Moderator

    Here is a link to a discussion I had in regards to blocklists.

    https://forum.pfsense.org/index.php?topic=73353.msg402927#msg402927

    Some of those lists are for mail servers and can be ignored. If you add more blacklists, you will need to increase the maximum table entry.

    Goto  Advanced:Firewall/NAT  and increase the "Firewall Maximum Table Entries".

    There is no functionality currently to see if the blacklists are downloading the lists at the specified frequency unfortunately.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy