[prev in list] [next in list] [prev in thread] [next in thread]
List: pfsense-discussion
Subject: Re: [pfSense] recommandation: snort IDS, web http traffic, pfsense
From: Ivo Tonev <ivo () tonev ! pro ! br>
Date: 2014-09-29 0:52:26
Message-ID: D34AB7F0-D3C2-412C-A697-D35FF1FB6799 () tonev ! pro ! br
[Download RAW message or body]
can you send your network layout ?
how many servers ?
------
Ivo Tonev
ivo@tonev.pro.br
> On Sep 28, 2014, at 05:58, Stefan Fuhrmann <stefan@fuhrmann.homedns.org> wrote:
>
> Hello all,
>
> can someone help?
>
> tia
> Stefan
>
> Am Freitag, 26. September 2014, 15:11:04 schrieb Stefan Fuhrmann:
>> Hello all,
>>
>> I need a recommandation for following setup:
>>
>> pfsense-cluster
>>
>> loadbalancers
>>
>> webservers
>>
>> There are some thousend visits per day and I want to secure with pfsense and
>> snort. Snort runs on lan-site.
>> I want to be aware which are the false positives and how to handle this
>> traffic with snort and the snort- gui within pfsense?
>> Is it now a good idea to enable step by step the categories and doing
>> whitelisting of rules , where Im the meaning this traffic should go and
>> block the rest?
>> Im unsure if there is alot of traffic getting blocked which should pass....
>> This should dont be happen...
>>
>> In that firm there is the meaning that we should do blacklisting. Blocking
>> only categories where we are secure this is not good traffic.
>> In the moment there are several thousend alerts per day!
>>
>> I would say blocking the alerts and then I do whitelisting via gui.
>> Problem: at first there is an error state....
>>
>> Someone can give recommandations how to implement?
>> Is it a good idea to configure the files directly on pfsense?
>>
>> tia
>> Stefan
>> _______________________________________________
>> List mailing list
>> List@lists.pfsense.org
>> https://lists.pfsense.org/mailman/listinfo/list
>
> _______________________________________________
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic