Bypass IDS/IPS possible?

marcri · June 12, 2019, 03:27:42 PM

Hi,
from time to time I have to transfer a lot of data from one local network to another. I don't want to disable IDS/IPS on these interfaces, but the throughput is very low (400Mbit / 1Gbit). Is it possible to bypass NFS (TCP/2049)? I haven't found any hints on how to write a rule that leaves Suricatas ruleset very early.

Bypass IDS/IPS possible?

marcri

June 12, 2019, 03:27:42 PM