[Soekris] Network content monitoring on Net6501 - any, suggestions?

Robert Guerra rguerra at privaterra.org
Wed Sep 26 14:16:34 UTC 2012


In regards to Snort running on the Net6501 on PfSense 2.1 (details below), I have been using it for a while.

2.1-BETA0 (i386) 
built on Thu Sep 20 13:34:11 EDT 2012 
FreeBSD pfsense.pvt 8.3-RELEASE-p4 FreeBSD 8.3-RELEASE-p4 #1: Thu Sep 20 14:01:16 EDT 2012 root at snapshots-8_3-i386.builders.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_wrap.8.i386 i386


I do seem to have an issue in that it runs for a while, and then terminates quite unexpectedly most of the time. This is quite annoying as i'm keen to have Snort be able to inspect traffic and generate alerts and block IPs for my users.

Any suggestions on what might be causing the premature termination of Snort and ways to fix it would be - well... highly appreciated...

regards

Robert


--
R. Guerra
Phone/Cell: +1 202-905-2081
Twitter: twitter.com/netfreedom 
Email: rguerra at privaterra.org

On 2012-09-26, at 8:47 AM, Robin Kipp wrote:

> Hi Josh,
> 
>> If you're up for the task, snort could do the trick.
> 
> I already have Snort running on the box, but that only detects and alerts for abnormal network activities (well, I'll still have to do some fine tuning). So, if you've got any advice / resources on how to do the things I've described with Snort, I'd definitely appreciate that!
> Regards,
> Robin.
> _______________________________________________
> Soekris-tech mailing list
> Soekris-tech at lists.soekris.com
> http://lists.soekris.com/mailman/listinfo/soekris-tech



More information about the Soekris-tech mailing list