<html><body><div id="edo-message"><div></div>Well, effectively you do. Make a careful assessment of users, apps, servers, day-to-day business requirements and then instruct (with a good rule set) Suricata to work. Also, all unsolicited traffic may not necessarily be bad traffic depending on your business requirements.</div><div id="edo-message"><br></div><div id="edo-message">Regards</div><div id="edo-message">Amar Rathore</div><div id="edo-message">CounterSnipe Systems</div><div id="edo-meta"></div><div id="edo-original"><div><br><br><blockquote type="cite" style="margin:1ex 0 0 0;border-left:1px #ccc solid;padding-left:0.5ex;"><div>On Dec 10, 2018 at 8:19 AM, &lt;<a href="mailto:kaushalshriyan@gmail.com">Kaushal Shriyan</a>&gt; wrote:<br><br></div><div><div dir="ltr">Hi Amar,<div><br></div><div>Yes, I was referring to what tells Suricata as to what’s solicited or not.</div><div><br></div><div>Best Regards,</div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, Dec 10, 2018 at 7:58 AM Amar &lt;<a href="mailto:amar@countersnipe.com">amar@countersnipe.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div id="gmail-m_2276755593477731215edo-message"><div></div></div><div id="gmail-m_2276755593477731215edo-message"><span>Hi Kaushal</span></div><div id="gmail-m_2276755593477731215edo-message"><br></div><div id="gmail-m_2276755593477731215edo-message"><span>Do you mean the technical workings of it?</span></div><div id="gmail-m_2276755593477731215edo-message"><span>Or </span></div><div id="gmail-m_2276755593477731215edo-message"><span>What tells Suricata as to what’s solicited or not?</span></div><div id="gmail-m_2276755593477731215edo-message"><br></div><div id="gmail-m_2276755593477731215edo-message">Rgds</div><div id="gmail-m_2276755593477731215edo-message">Amar Rathore</div><div id="gmail-m_2276755593477731215edo-message">Countersnipe Systems</div><div 
id="gmail-m_2276755593477731215edo-meta"></div><div id="gmail-m_2276755593477731215edo-original"><div><br><br><blockquote type="cite" style="margin:1ex 0px 0px;border-left:1px solid rgb(204,204,204);padding-left:0.5ex"><div>On Dec 9, 2018 at 10:18 AM, &lt;<a href="mailto:kaushalshriyan@gmail.com" target="_blank">Kaushal Shriyan</a>&gt; wrote:<br><br></div><div><div dir="ltr"><div dir="ltr"><div dir="ltr">Hi,<div><br></div><div>I know Suricata is both an IDS and IPS system and I am planning to set it up in our infrastructure. I am trying to understand how the Suricata IPS system differentiates between solicited and unsolicited traffic and blocks / prevents unsolicited traffic to the network. I will appreciate it if somebody can explain with some examples.</div><div><br></div><div>Thanks in advance.</div><div><br></div><div>Best Regards,</div><div><br></div><div>Kaushal</div></div></div></div>
</div></blockquote></div></div></div></blockquote></div>
</div></blockquote></div></div></body></html>