Project

General

Profile

Actions

Todo #14225

open

Feedback on Packages — IDS / IPS — Configuring the Snort Package

Added by Jon Brown over 1 year ago. Updated over 1 year ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
Packages
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Page: https://docs.netgate.com/pfsense/en/latest/packages/snort/setup.html

Feedback:

the following statement is now wrong.

The three Snort VRT IPS Policies are: (1) Connectivity, (2) Balanced and (3) Security. These are listed in order of increasing security. 

See the following image:


Files

missing-policy.png (53.3 KB) missing-policy.png Jon Brown, 04/01/2023 02:01 PM
Actions #1

Updated by Jon Brown over 1 year ago

this snort page lists the different policies but also gives a warning that the Max-Detect should only be used in test environments.

https://www.snort.org/faq/why-are-rules-commented-out-by-default

Actions #2

Updated by Jon Brown over 1 year ago

Should of added, there are 4 policies and Max-Detect is not mentioned on the help page

Actions

Also available in: Atom PDF