[Oisf-users] Why nobody here for help?

Nelson, Cooper cnelson at ucsd.edu
Tue Feb 12 22:03:16 UTC 2019


Hi Jason,

The $HOME_NET variable should be set to your home network CIDR block, most likely 192.168.0.0/24 as mentioned.  The external net is simply everything *not* this, implied by the ! negation operator.

Re: your problem with the rules files being missing, did you at least install the EmergingThreats OPEN ruleset from https://rules.emergingthreats.net/open/suricata-4.0/emerging.rules.tar.gz ?

If you are just getting started with Suricata, in general I would advise using one of the many packaged distros available that ship with it already installed and preconfigured.

If you are interested in installing it on an existing system from scratch, instructions are here:

https://suricata.readthedocs.io/en/suricata-4.1.2/install.html

Here is the relevant section on rule management.

https://suricata.readthedocs.io/en/suricata-4.1.2/rule-management/index.html

Feel free to reach out to me directly to get you at least up and running, or if you need some pointers for packaged distros.

-Coop

From: Oisf-users <oisf-users-bounces at lists.openinfosecfoundation.org> On Behalf Of Jason Long
Sent: Tuesday, February 12, 2019 12:27 PM
To: Open Information Security Foundation <oisf-users at lists.openinfosecfoundation.org>
Subject: [Oisf-users] Why nobody here for help?

Hello,
Excuse me, is this the correct address for asking questions?

Thanks.
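
Added example, not part of the original message or of Suricata's own code: a small Python model of how $HOME_NET and the negated $EXTERNAL_NET resolve, showing why a rule header of the form "$EXTERNAL_NET any -> $HOME_NET any" stops covering inbound traffic when HOME_NET does not contain the LAN. The group values, the 10.0.0.0/8 mistake and the sample flow are constructed assumptions, and the list handling is a simplified model of the address-group syntax.

```python
import ipaddress

# Constructed values modelled on the address-groups section of suricata.yaml.
GOOD = {"HOME_NET": "[192.168.0.0/24]", "EXTERNAL_NET": "!$HOME_NET"}
# Assumed mistake: HOME_NET left at a range the sensor's LAN is not in.
WRONG = {"HOME_NET": "[10.0.0.0/8]", "EXTERNAL_NET": "!$HOME_NET"}

def _split(body):
    """Split the inside of a [...] list on commas that are not nested."""
    parts, depth, cur = [], 0, ""
    for ch in body:
        if ch == "," and depth == 0:
            parts.append(cur.strip())
            cur = ""
        else:
            depth += (ch == "[") - (ch == "]")
            cur += ch
    parts.append(cur.strip())
    return [p for p in parts if p]

def matches(ip, expr, groups=GOOD):
    """True if ip is inside expr: a CIDR, 'any', $VAR, !negation or [list]."""
    expr = expr.strip()
    if expr.startswith("!"):
        return not matches(ip, expr[1:], groups)
    if expr.startswith("$"):
        return matches(ip, groups[expr[1:]], groups)
    if expr == "any":
        return True
    if expr.startswith("[") and expr.endswith("]"):
        items = _split(expr[1:-1])
        pos = [i for i in items if not i.startswith("!")]
        neg = [i[1:] for i in items if i.startswith("!")]
        # Simplified model: positives are OR-ed, then negated entries are carved out.
        inside = any(matches(ip, p, groups) for p in pos) if pos else True
        return inside and not any(matches(ip, n, groups) for n in neg)
    return ipaddress.ip_address(ip) in ipaddress.ip_network(expr, strict=False)

def inbound_rule_applies(src, dst, groups=GOOD):
    """Would a rule header '$EXTERNAL_NET any -> $HOME_NET any' cover this flow?"""
    return matches(src, "$EXTERNAL_NET", groups) and matches(dst, "$HOME_NET", groups)

if __name__ == "__main__":
    flow = ("203.0.113.7", "192.168.0.10")  # constructed Internet -> LAN flow
    print("correct HOME_NET:", inbound_rule_applies(*flow, GOOD))
    print("wrong HOME_NET:  ", inbound_rule_applies(*flow, WRONG))
```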