Hello all, can someone help?
tia Stefan Am Freitag, 26. September 2014, 15:11:04 schrieb Stefan Fuhrmann: > Hello all, > > I need a recommandation for following setup: > > pfsense-cluster > > loadbalancers > > webservers > > There are some thousend visits per day and I want to secure with pfsense and > snort. Snort runs on lan-site. > I want to be aware which are the false positives and how to handle this > traffic with snort and the snort- gui within pfsense? > Is it now a good idea to enable step by step the categories and doing > whitelisting of rules , where Im the meaning this traffic should go and > block the rest? > Im unsure if there is alot of traffic getting blocked which should pass.... > This should dont be happen... > > In that firm there is the meaning that we should do blacklisting. Blocking > only categories where we are secure this is not good traffic. > In the moment there are several thousend alerts per day! > > I would say blocking the alerts and then I do whitelisting via gui. > Problem: at first there is an error state.... > > Someone can give recommandations how to implement? > Is it a good idea to configure the files directly on pfsense? > > tia > Stefan > _______________________________________________ > List mailing list > [email protected] > https://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
