Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - cancino

Pages1
#1
Intrusion Detection and Prevention / Re: Intrusion detection no showing alerts
May 07, 2019, 07:00:52 PM
I will put it in a test network to validate the installation.
Thank you very much for the help
#2
Intrusion Detection and Prevention / Re: Intrusion detection no showing alerts
May 07, 2019, 06:43:37 PM
Yes, I downloaded all the rules and enabled them
#3
Intrusion Detection and Prevention / Intrusion detection no showing alerts
May 07, 2019, 06:19:31 PM
Hi all
I activate Intrusion Detection, but I do not see alerts.

OPNsense 19.1.7-amd64
suricata 4.1.4

my config:
Enabled [X]
IPS mode  [ ]
Promiscuous mode [X]

Pattern matcher  Hyperscan

Interfaces  [WAN]


the only thing I see in the log is this warning:

OPNsense meerkat: [101053] <Warning> - [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE (317)] - in 5.0 the default for decoder event stats will go from 'decoder. <Proto>. <Event>' to 'decoder.event. <Proto >. <event> '. See ticket # 2225. To suppress this message, set stats.decoder-events-prefix in the yaml.

Can you help me please?
#4
19.1 Legacy Series / Re: Services and memory
May 02, 2019, 08:18:07 PM
1.- open a ssh terminal
2.- enter this command top -o res
#5
19.1 Legacy Series / Re: Multiple Public IPs
May 02, 2019, 07:35:53 PM
you can use "Virtual IPs".....

or if you just need nat for http port, you can use one ip and configurate your web server with virtual host.
Pages1