[Snort-openappid] Using Snort on pfsense

Cory Juillerat cjuillerat at ztlsd.org
Fri Apr 20 13:30:28 EDT 2018


Good afternoon,

I decided to recently try Snort mainly for the App ID capability.. I work
at a school so students are always using social networking apps and
streaming media apps. I created the WAN interface and started the Snort
process on this interface. I am using the predefined balanced IPS policy
and I also placed a check in all of the check boxes underneath Snort
OPENAPPI Rules and Ruleset: ET Open Rules.

Now onto the issue I am having.. When I go to the alerts tab, most of what
I see is Chrome and http traffic underneath description. There are no
social networking or streaming services populating, even though I know
people are using them. Does the free subscription just not have the most up
to date App ID's, so nothing is coming up?

Thank you,


Cory Juillerat, M.S.

Director of Technology

*Phone: *740.772.7667

*Email:* cjuillerat at ztlsd.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20180420/228f6e64/attachment.html>


More information about the Snort-openappid mailing list