[Soekris] Network content monitoring on Net6501 - any, suggestions?
rguerra at privaterra.org
Wed Sep 26 14:16:34 UTC 2012
In regards to Snort running on the Net6501 on PfSense 2.1 (details below), I have been using it for a while.
built on Thu Sep 20 13:34:11 EDT 2012
FreeBSD pfsense.pvt 8.3-RELEASE-p4 FreeBSD 8.3-RELEASE-p4 #1: Thu Sep 20 14:01:16 EDT 2012 root at snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386
I do seem to have an issue in that it runs for a while, and then terminates quite unexpectedly most of the time. This is quite annoying as i'm keen to have Snort be able to inspect traffic and generate alerts and block IPs for my users.
Any suggestions on what might be causing the premature termination of Snort and ways to fix it would be - well... highly appreciated...
Phone/Cell: +1 202-905-2081
Email: rguerra at privaterra.org
On 2012-09-26, at 8:47 AM, Robin Kipp wrote:
> Hi Josh,
>> If you're up for the task, snort could do the trick.
> I already have Snort running on the box, but that only detects and alerts for abnormal network activities (well, I'll still have to do some fine tuning). So, if you've got any advice / resources on how to do the things I've described with Snort, I'd definitely appreciate that!
> Soekris-tech mailing list
> Soekris-tech at lists.soekris.com
More information about the Soekris-tech