Snort mailing list archives
FW: Allowing windows updates to pass through snort
From: "Tony Reusser" <treusser () filertel com>
Date: Tue, 18 Feb 2014 10:04:53 -0700
You're gonna hate this answer. But please, I'm not trying to be snide or sarcastic. The best solution is to run SNORT on linux. Been running SNORT on CentOS with Barnyard, PulledPork and BASE for nearly two years without a single hic-up. Updates are easy and straight forward. IMHO, Windows is the absolute WORST platform for running any kind of IDS/IPS on. Regards, Tony -----Original Message----- From: Doug Olitsky [mailto:doug_olitsky () yahoo com] Sent: Tuesday, February 18, 2014 9:31 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Allowing windows updates to pass through snort OK, I'm a beginner at this and after months of trying to read and teach myself I cry uncle... I have Snort running on a pfSense gateway I built a year ago. For the life of me I cannot figure out how to prevent windows updates from being blocked. My lame solution is to disable Snort for updates and then restart when done. I tried setting IPS to Connectivity and even disabling it along w/ the community rules to no avail. Any guidance is appreciated -- Regards; Doug ===================================================== ---------------------------------------------------------------------------- -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Allowing windows updates to pass through snort Doug Olitsky (Feb 18)
- Re: Allowing windows updates to pass through snort Tony Reusser (Feb 18)
- Re: Allowing windows updates to pass through snort Tony Reusser (Feb 18)
- Re: Allowing windows updates to pass through snort waldo kitty (Feb 18)
- <Possible follow-ups>
- FW: Allowing windows updates to pass through snort Tony Reusser (Feb 18)