Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
Detecting compromised vpn clients
« previous
next »
Print
Pages: [
1
]
Author
Topic: Detecting compromised vpn clients (Read 928 times)
fathibn
Newbie
Posts: 23
Karma: 0
Detecting compromised vpn clients
«
on:
August 05, 2023, 03:07:42 am »
HI,
I have setup openvpn server to allow remote users to connect to internal network. I would like to setup intrusion detection to detect malicious traffic from compromised vpn clients to corporate lan. I am only interested on vpn client address as real addresses are dynamic (3G/4G mobile network) and opnsense is behind another firewall, so all clients seem to be coming from dmz gateway.
Which surricata rules should i activate, mainly to detect attacks against windows servers and databases ?
TIA.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
Detecting compromised vpn clients