Messages

1

Intrusion Detection and Prevention / OPNsense as internal IDS

« on: June 15, 2018, 04:47:46 pm »

Hi all,
a customer of ours needs to run an IDS to log all hacking attempts from inside of his LAN.
I've thought to use OPNsense with only WAN interface, promiscuous mode and switch all-ports mirrored port, but within suricata log I can't see any network attack.

Any thought?
Thanks
Luca