[Snort-openappid] Using Snort on pfsense
cjuillerat at ztlsd.org
Fri Apr 20 13:30:28 EDT 2018
I decided to recently try Snort mainly for the App ID capability.. I work
at a school so students are always using social networking apps and
streaming media apps. I created the WAN interface and started the Snort
process on this interface. I am using the predefined balanced IPS policy
and I also placed a check in all of the check boxes underneath Snort
OPENAPPI Rules and Ruleset: ET Open Rules.
Now onto the issue I am having.. When I go to the alerts tab, most of what
I see is Chrome and http traffic underneath description. There are no
social networking or streaming services populating, even though I know
people are using them. Does the free subscription just not have the most up
to date App ID's, so nothing is coming up?
Cory Juillerat, M.S.
Director of Technology
*Email:* cjuillerat at ztlsd.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-openappid