[Oisf-users] suricata defending itself

BARÓCSI Gábor Gabor.Barocsi at qualysoft.com
Mon Aug 17 13:00:23 UTC 2015

Dear all,

Please help me with an issue. I've configured a Suricata on a test firewall using NFQ and repeat mode with iptables.
When Suricata runs, it detects all penetration tests if these tests are regarded to a subsystem like a webserver behind the firewall. No problem with that.
But when I run a test-attack directly to Suricata, then it does not log anything and does not detect anything.

Am I missing some rules or something? I'm using all the basic rules for snort with oinkmaster.

Thank you very much!

Gábor Barócsi
System Engineer

[Description: cid:image002.jpg at 01CDA2F0.065CD3D0]

Qualysoft Informatikai Zrt. |H - 1118 Budapest, Budawest Irodaház, III. emelet, Rétköz u. 5.
M: +36 70 9 779 923 | T: +36 1 8899 831 | Fax: +36 1 8899 810
gabor.barocsi at qualysoft.com<mailto:gabor.barocsi at qualysoft.com> | www.qualysoft.hu<http://www.qualysoft.hu/>

P Please consider the environment before printing this email

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20150817/b72e68f3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 12048 bytes
Desc: image001.jpg
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20150817/b72e68f3/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 20150 bytes
Desc: image002.jpg
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20150817/b72e68f3/attachment-0003.jpg>

More information about the Oisf-users mailing list