Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
syn flood
« previous
next »
Print
Pages: [
1
]
Author
Topic: syn flood (Read 2159 times)
akanarya
Newbie
Posts: 10
Karma: 0
syn flood
«
on:
February 02, 2021, 04:25:59 pm »
Hi,
I am experimenting suricata with syn flood.
I observered that it could discard the certain floods but interestingly there is no alert on IDS alert screen.
I am sure that IDS blocked, because when i am disabling the IDS, packets are arriving to the client.
No other parameters were changed.
My opnsense is at the latest version and I am only using ET Pro telemetry rules not others.
Only attack to port 22 is giving "SSH scan" alert.
What is the reason for no alert?
Thanks
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
syn flood