After a failed eBay order (check PCIe, not just PCI!) I managed to get a Dell? I350AM4 dual port card.
A small hurdle of re-assigning the WAN port correctly, then I had to re-configure my PPPoE connection before finally getting on the internet and setting up Suricata from scratch. I now have alerts detecting stuff!
I also installed a CURL port for Windows and the EICAR test works too.
I did quite a bit of research when choosing a Broadcom over an Intel as I saw other users having issues with OEM types such as Dell or HP NC364 etc. and fewer reports of issues with Broadcom.
I can take a punt and grab an I350, for the sake of £20 or so.
Yes, all hardware offloading is turned off. Tried with and without Promiscuous mode and have no VLANs.
For now I am relying on firewall rules on the WAN port with ET-emerging and GEO-IP blocklists but it would be good to have something more comprehensive on the LAN working.
I have been running OPNsense on an HP t730 Thin Client for over a year using 2 of the 4 ports on the BCM95719A1904G NIC for WAN and LAN.
Throughout all that time I have never got Suricata to detect anything either on LAN or WAN. Even with the EICAR test rule.
I used to use Zenarmor but found that would stop network flow randomly after a couple of days so uninstalled it.
I think the NIC is running as generic emulated or something similar.
My question is: has anyone had any issues with this card, or can anyone offer any advice on why Suricata fails to detect any malware, even when using the EICAR txt test?
Or is it the case that the emulated NIC driver is not compatible with Suricata/Zenarmor etc.?