Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IDS/IPS not currently detecting testmynids.org "Bad Certificate Authorities"?
« previous
next »
Print
Pages: [
1
]
Author
Topic: IDS/IPS not currently detecting testmynids.org "Bad Certificate Authorities"? (Read 513 times)
JohnDoe17
Newbie
Posts: 40
Karma: 5
IDS/IPS not currently detecting testmynids.org "Bad Certificate Authorities"?
«
on:
May 10, 2024, 09:22:36 pm »
Greetings fellow OPNsense enthusiasts!
I regularly use (daily, in fact) the testmynids.org script from 3CORESec to validate that my IDS/IPS detection and alerting pipeline (using OPNsense and Graylog) are working correctly.
Starting around 27 March 2024, the "Bad Certificate Authorities" (Option 4) started failing to be detected.
1) Does anyone else use testmynids to verify the proper configuration and operations of the IDS/IPS on their OPNsense?
2) Does anyone know if this is this a known issue with current Suricata rules?
3) Can anyone else replicate my experience (i.e., the non-detection of the bad certificate authorities) with their setup?
NOTE: I have had intermittent failures in the past where some of the testmynids tests failed for a day or two, but those seemed to fixed in short order after a new IDS/IPS signature download. Nothing that's lasted this long - nearly two months!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IDS/IPS not currently detecting testmynids.org "Bad Certificate Authorities"?