<div dir="ltr"><div dir="ltr">
<div dir="ltr">Hi, I want to use Suricata as an IDS in my network. First, I
decided to try it in offline mode on existing datasets. I am using the ET
Open rules now. After enabling all rules with priority 1 or 2, Suricata
wasn't able to detect all DoS attacks in the dataset created by <a href="https://www.unb.ca/cic/datasets/ids-2017.html" target="_blank">https://www.unb.ca/cic/datasets/ids-2017.html</a></div><div>The dataset
from Wednesday should contain different DoS attacks, but Suricata
generated only 3 alerts. Did I make any mistake in the configuration? Are
Suricata and the ET Open rules able to detect DoS attacks?</div><div><br></div><div>Thanks</div></div></div>