Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Suricata Starter Guide
« previous
next »
Print
Pages: [
1
]
Author
Topic: Suricata Starter Guide (Read 1667 times)
baqwas
Jr. Member
Posts: 62
Karma: 3
Suricata Starter Guide
«
on:
July 14, 2020, 11:49:45 pm »
Hello,
I have Suricata running (I believe) since Systems->Diagnostics->Services has the green play button visible for it.
Under Services->Intrusion Detection->Administration (correct place?) there are a bunch of tabs. How do I go about setting some Rules? Use Rules details? Or should I stick with Firewall NAT for my custom rules and leave Suricata for well known signatures (since I wouldn't have any clue about SSL/Fingerprint if I attempted to enter a record here)?
Sorry for being all over the place with
newbie
questions. I've just discovered that I need to lock down my small site from probes on a select few well known ports. Since OPNsense can do it for me, I looking for guidance (or pointers to tutorials).
Thanks.
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Suricata Starter Guide
«
Reply #1 on:
July 15, 2020, 06:04:46 am »
This should be done via Firewall Rules, not IPS
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
baqwas
Jr. Member
Posts: 62
Karma: 3
Re: Suricata Starter Guide
«
Reply #2 on:
July 15, 2020, 06:58:53 am »
OK. Will use Rules. Thx again!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Suricata Starter Guide
