[Oisf-users] Suricata IPS system differentiate between solicited and unsolicited traffic
Amar
amar at countersnipe.com
Mon Dec 10 11:19:30 UTC 2018
Well, effectively you do. Make a careful assessment of users, apps, servers, and day-to-day business requirements, and then instruct (with a good rule set) Suricata to work. Also, all unsolicited traffic may not necessarily be bad traffic, depending on your business requirements.
Regards
Amar Rathore
CounterSnipe Systems
> On Dec 10, 2018 at 8:19 AM, Kaushal Shriyan <kaushalshriyan at gmail.com> wrote:
>
> Hi Amar,
>
> Yes, I was referring to what tells Suricata as to what’s solicited or not.
>
> Best Regards,
>
> On Mon, Dec 10, 2018 at 7:58 AM Amar <amar at countersnipe.com> wrote:
>
> > Hi Kaushal
> >
> > Do you mean the technical workings of it?
> >
> > Or
> >
> > What tells Suricata as to what’s solicited or not?
> >
> > Rgds
> > Amar Rathore
> > Countersnipe Systems
> >
> > > On Dec 9, 2018 at 10:18 AM, Kaushal Shriyan <kaushalshriyan at gmail.com> wrote:
> > >
> > > Hi,
> > >
> > > I know Suricata is both an IDS and IPS system and am planning to set it up in our infrastructure. I am trying to understand how the Suricata IPS system differentiates between solicited and unsolicited traffic and blocks / prevents unsolicited traffic to the network. I will appreciate it if somebody can explain with some examples.
> > >
> > > Thanks in Advance.
> > >
> > > Best Regards,
> > >
> > > Kaushal
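As an added illustration of the advice in the reply above (not part of the thread and not OISF or CounterSnipe code), this Python example turns a site inventory of approved inbound services into Suricata rules: `pass` for flows an outside client is allowed to open, `drop` for any other flow opened from outside. The hosts, ports, sids and the `Service` / `build_rules` names are constructed for the example, and the `drop` rules only block traffic when Suricata runs inline (IPS mode).

```python
# Added example, not from the thread. Hosts, ports and sids are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Service:
    name: str   # label placed in the rule msg
    proto: str  # "tcp" or "udp"
    host: str   # internal address offering the service
    port: int

# Constructed inventory: the outcome of assessing users, apps and servers.
APPROVED_INBOUND = [
    Service("public web", "tcp", "192.0.2.10", 443),
    Service("mail relay", "tcp", "192.0.2.25", 25),
    Service("authoritative dns", "udp", "192.0.2.53", 53),
]

def build_rules(services, base_sid=1000001):
    """One pass rule per approved service, then catch-all drops per protocol."""
    rules, sid = [], base_sid
    for s in services:
        if s.proto not in ("tcp", "udp") or not 0 < s.port < 65536:
            raise ValueError(f"bad inventory entry: {s}")
        if any(c in s.name for c in '";\\'):
            raise ValueError(f"name needs escaping inside msg: {s.name!r}")
        # flow:to_server matches packets sent by the side that opened the flow,
        # so this passes flows an outside client starts towards the service.
        rules.append(
            f"pass {s.proto} $EXTERNAL_NET any -> {s.host} {s.port} "
            f'(msg:"LOCAL approved inbound {s.name}"; flow:to_server; '
            f"sid:{sid}; rev:1;)")
        sid += 1
    # Every other flow opened from outside is unsolicited for this site.
    # Replies to flows opened from inside are to_client and never match.
    for proto in ("tcp", "udp"):
        rules.append(
            f"drop {proto} $EXTERNAL_NET any -> $HOME_NET any "
            f'(msg:"LOCAL unsolicited inbound {proto}"; flow:to_server; '
            f"sid:{sid}; rev:1;)")
        sid += 1
    return rules

if __name__ == "__main__":
    print("\n".join(build_rules(APPROVED_INBOUND)))
```

With Suricata's default action order, `pass` is applied before `drop`, which is what lets the approved services through the catch-all rules.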