Hi Cory, you use on pfsense squid in no transparent mode?
Good afternoon,_______________________________________________I decided to recently try Snort mainly for the App ID capability.. I work at a school so students are always using social networking apps and streaming media apps. I created the WAN interface and started the Snort process on this interface. I am using the predefined balanced IPS policy and I also placed a check in all of the check boxes underneath Snort OPENAPPI Rules and Ruleset: ET Open Rules.Now onto the issue I am having.. When I go to the alerts tab, most of what I see is Chrome and http traffic underneath description. There are no social networking or streaming services populating, even though I know people are using them. Does the free subscription just not have the most up to date App ID's, so nothing is coming up?
Snort-openappid mailing list
Please visit http://blog.snort.org to stay current on all the latest Snort news!