[Oisf-users] Suricata IPS system differentiate between solicited and unsolicited traffic

Kaushal Shriyan kaushalshriyan at gmail.com
Tue Dec 25 07:20:48 UTC 2018


On Sat, Dec 15, 2018 at 6:56 PM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:

>
>
> On Thu, Dec 13, 2018 at 11:41 PM Kaushal Shriyan <kaushalshriyan at gmail.com>
> wrote:
>
>> Hi Amar,
>>
>> I am still not able to figure out how to distinguish between trusted vs
>> untrusted traffic. Are there any certain patterns I should look for or any
>> specific trend...? I am finding it difficult to understand it. Any examples
>> or samples which will help me understand the setup.
>>
>> Best Regards,
>>
>> On Wed, Dec 12, 2018 at 7:30 AM Kaushal Shriyan <kaushalshriyan at gmail.com>
>> wrote:
>>
>>> Thanks Amar, and I will go through the docs.
>>>
>>> On Mon, Dec 10, 2018 at 4:49 PM Amar <amar at countersnipe.com> wrote:
>>>
>>>> Well, effectively you do. Make a careful assessment of users, apps,
>>>> servers, day to day business requirements and then instruct (with a good
>>>> Rule set) Suricata to work. Also all unsolicited traffic may not
>>>> necessarily be bad traffic depending on your business requirements.
>>>>
>>>> Regards
>>>> Amar Rathore
>>>> CounterSnipe Systems
>>>>
>>>>
>>>> On Dec 10, 2018 at 8:19 AM, <Kaushal Shriyan <kaushalshriyan at gmail.com>>
>>>> wrote:
>>>>
>>>> Hi Amar,
>>>>
>>>> Yes, I was referring to what tells Suricata as to what’s solicited or
>>>> not.
>>>>
>>>> Best Regards,
>>>>
>>>> On Mon, Dec 10, 2018 at 7:58 AM Amar <amar at countersnipe.com> wrote:
>>>>
>>>>> Hi Kaushal
>>>>>
>>>>> Do you mean the technical workings of it?
>>>>> Or
>>>>> What tells Suricata as to what’s solicited or not?
>>>>>
>>>>> Rgds
>>>>> Amar Rathore
>>>>> Countersnipe Systems
>>>>>
>>>>>
>>>>> On Dec 9, 2018 at 10:18 AM, <Kaushal Shriyan
>>>>> <kaushalshriyan at gmail.com>> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> I know Suricata is both an IDS and IPS system and planning to set up in
>>>>> our infrastructure. I am trying to understand how does Suricata IPS system
>>>>> differentiate between solicited and unsolicited traffic and block / prevent
>>>>> unsolicited traffic to the network. I will appreciate if somebody can
>>>>> explain with some examples.
>>>>>
>>>>> Thanks in Advance.
>>>>>
>>>>> Best Regards,
>>>>>
>>>>> Kaushal
>>>>>
>>>>>
>
> Hi,
>
> Checking in again if somebody can pitch in for my earlier question to this
> mailing list.
>
> Thanks in Advance.
>
> Best Regards,
>
> Kaushal
>

Hi Again,

Checking in again if somebody can pitch in for my earlier question to this
mailing list. Thanks in Advance.

Best Regards,

Kaushal