good day everyone, i've got pfsense running in a vmware virtual machine on esx ... server is sitting in a rack at a datacenter.
i've installed snort, enabled barnyard, and am collecting alerts to mysql and examining them using base. i'm wondering if someone could give any guidance on this setup actually issuing warning e-mails ... that is to say, that after several months, i have literally tens of thousands of alerts sitting in mysql. many of these alerts are superfluous -- they were attempts on closed ports on the wan interface, and so forth.

so the question: can someone suggest a working configuration where only "real" intrusions are detected and warning mails sent as a result?

many thanks
m
