21.7 Legacy Series / Intrusion Detection: Administration / No Last update date
« on: November 28, 2021, 05:36:48 pm »
Hello,
I am a newcomer to OPNsense. Sorry if my question is a bit silly :|
I was on a Synology router before and I want to move to OPNsense.
I was using Threat Protection. If I understand correctly, I have to use Suricata on OPNsense (installed by default).
In "Intrusion Detection: Administration: Download", all the rules OPNsense-App-detect/* can be enabled and downloaded (I see a date in the "last updated" column), but it doesn't work for abuse.ch/* and ET open/*.
I can enable them but there is no date after clicking on "Download & update rules".
** see attachment **
I cannot see any error message.
I saw in some tutorials/docs a "Filter" column that is not on my screen.
I also have only 2 selection buttons: "Enable/disable selected". I don't see the "Enable (drop/clear filter)" buttons.
Is it a problem?
If I try to install the plugin os-intrusion-detection-content-et-open, the rules in "Intrusion Detection: Administration" are listed twice. I have removed it.
Do I have to install it?
Does somebody have an idea of my mistake?
Thank you in advance
---
Type opnsense
Version 21.7.6
Architecture amd64
Flavour OpenSSL
Commit acdaa7649
Mirror https://pkg.opnsense.org/FreeBSD:12:amd64/21.7
Repositories OPNsense
Updated on Fri Nov 26 19:33:59 CET 2021
Checked on Sun Nov 28 00:00:00 CET 2021
---
suricata 6.0.4 6.82MiB OPNsense GPLv2 High Performance Network IDS, IPS and Security Monitoring engine
---
os-intrusion-detection-content-et-open 1.0.1 1.53KiB OPNsense IDS Proofpoint ET open ruleset complementary subset for ET Pro Telemetry edition
os-intrusion-detection-content-et-pro 1.0.2_1 5.72KiB OPNsense IDS Proofpoint ET Pro ruleset (needs a valid subscription)
os-intrusion-detection-content-pt-open 1.0_1 798B OPNsense IDS PT Research ruleset (only for non-commercial use)
os-intrusion-detection-content-snort-vrt 1.1_1 12.7KiB OPNsense IDS Snort VRT ruleset (needs registration or subscription)