[Oisf-users] suricata defending itself

BARÓCSI Gábor Gabor.Barocsi at qualysoft.com
Mon Aug 17 13:00:23 UTC 2015


Dear all,

Please help me with an issue. I've configured Suricata on a test firewall using NFQ and repeat mode with iptables.
When Suricata runs, it detects all penetration tests if these tests are directed at a subsystem like a webserver behind the firewall. No problem with that.
But when I run a test attack directly against Suricata, it does not log anything and does not detect anything.

Am I missing some rules or something? I'm using all the basic rules for snort with oinkmaster.

Thank you very much!

Gábor Barócsi
System Engineer




