Snort - Enable Everything



  • I've been using SNORT for awhile and despite what others suggest, I want to enable everything and then start disabling things based on false positive alerts.  I found that my enabling all the 'rulesets', there are still a lot of rules that are disabled.

    Is there an easy way to enable every SNORT rule?  On Linux I could do a regex in the file (which I forget the name at the time), but I don't want to break things on pfsense.

    Thanks!



  • If you go into categories, select one and click on the icon top right, what happens?

    I think it should work  :P


Log in to reply