Snort mailing list archives

Re: Assistance Request


From: Leo Nespoli <leo4b () hotmail it>
Date: Wed, 13 Apr 2016 15:08:10 +0200

I'm asking on the snort-users list because I think it seems to be a Snort problem...
I've already used snort to monitor LAN communication, and now I'm trying to use it also on my local WiFi.
Searching on the internet, I found some documentation on Snort's integration with Kismet.
By the way, do you think that there is a way to solve this problem?
Thanks for your time.
From: allewi () cisco com
To: eric.martin () techie com
Date: Wed, 13 Apr 2016 12:55:54 +0000
CC: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Assistance Request

Just so we are clear.. do you have a snort issue or a problem with something else?
 
To understand snort rules you may want to start here:

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node27.html

Albert Lewis
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi () cisco com

From: Eric Martin [mailto:eric.martin () techie com]
Sent: Tuesday, April 12, 2016 9:28 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Assistance Request
Importance: High
 
I have been deploying a new pfSense machine using the core applications including SNORT. I have the subscribed VRT rules installed, along with OpenAppID and ETOpen.

Today, I was finishing implementation and was unable to get out using LogMeIn and noticed the errors were coming from ET. Then the headaches started when trying to add whitelist information. Then I uninstalled the ET Rules. Now, I am not convinced the VRT & OpenAppID Rules are working. I just don’t understand the overall rules and such to apply in the way they need to be applied. Completely different from Cisco and SonicWALL.

I need AND am happy to pay someone to do a review of my configuration and confirm I am not missing something.

I am in IT and have been using Cisco & SonicWALL UTMs in the past. This learning curve is driving me crazy and as usual, the definitive answers on the web are subjective. As usual, I’ve spent hours and hours on the web researching things and basically pulling out my hair.

Please, anyone with real world experience using pfSense 2.2.6, SNORT & SQUID3 (Which I removed today due to some basic routing problems that I just could not figure out) please reach out to me, we can work out payment and get these basic issues resolved. If interested, this can also turn into a long term relationship as I really don’t want to become a pfsense engineer. I am very capable for general maintenance, but don’t need another engineering degree. LOL.

I am PST Time Zone AND thanks in advance for any response.
 
Sincerely,
 
Eric S. Martin 
980-225-1270 (Office Direct)
704-999-1472 (Cell)
 
 
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!                                        
  