PfBlocker recommended lists - overlap with Snort
-
Hi All,
New to pfSense, trying to find my way around.
In pfBlocker, I am currently using:
Spamhaus DROP
Spamhaus EDROP
DShield Most Active Attackers
Zeus IP Blocklist (BadIPs)I have seen lists that include Emerging Threats and iBlocklist but I'm not sure which of these I should use and whether there is an overlap here with Snort (I subscribe to the Snort VRT updates).
My questions are:
What do people recommend list wise?
Are there any overlaps with Snort?
Is there any way to check that updates to the lists are being downloaded every 12 hours?Thanks in advance!
-
Here is a link to a discussion I had in regards to blocklists.
https://forum.pfsense.org/index.php?topic=73353.msg402927#msg402927
Some of those lists are for mail servers and can be ignored. If you add more blacklists, you will need to increase the maximum table entry.
Goto Advanced:Firewall/NAT and increase the "Firewall Maximum Table Entries".
There is no functionality currently to see if the blacklists are downloading the lists at the specified frequency unfortunately.