Layer 7 interogation

Started by Atilio, April 10, 2017, 05:21:20 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 10, 2017, 05:21:20 AM
Hi there,
I'm a new user of OPNSENSE. I think it's a great product. using it on a dedicate i5 with 3 Nics.
However I'm comparing it with PFSENSE and I don't see any Layer 7 capability. I want to block P2P as an example.
Can someone please advise if this is possible with any of the IDS modules or something I'm missing here in firewall policies?

Cheers,

At.
April 10, 2017, 09:08:58 AM #1
Under Services you will find the configuration for IDS and IPS. There you can configure suricata for use cases like this but it may not work as some protocols are heavily obfuscated to trick IPS systems and firewalls. The best thing you can do is using a strongly restricted ruleset.
Print
Go Up Pages1
User actions