[Snort-users] Assistance Request

Eric Martin eric.martin at ...4994...
Tue Apr 12 21:28:06 EDT 2016


I have been deploying a new pfSense machine using the core applications
including SNORT.  I have the subscribed VRT rules installed, along with
OpenAppID and ETOpen.

 

Today, I was finishing implementation and was unable to get out using
LogMeIn and noticed the errors were coming from ET.  Then the headaches
started when trying to add whitelist information.  Then I uninstalled the ET
Rules.  Now, I am not convinced the VRT & OpenAppID Rules are working.  I
just don't understand the overall rules and such to apply in the way they
need to be applied.  Completely different from Cisco and SonicWALL.

 

I need AND am happy to pay someone to do a review of my configuration and
confirm I am not missing something.

 

I am in IT and have been using Cisco & SonicWALL UTMs in the past.  This
learning curve is driving me crazy and as usual, the definitive answers on
the web are subjective.  As usual, I've spent hours and hours on the web
researching things and basically pulling out my hair.

 

Please, anyone with real world experience using pfSense 2.2.6, SNORT &
SQUID3 (Which I removed today due to some basic routing problems that I just
could not figure out) please reach out to me, we can work out payment and
get these basic issues resolved.  If interested, this can also turn into a
long term relationship as I really don't want to become a pfsense engineer.
I am very capable for general maintenance, but don't need another
engineering degree.  LOL.

 

I am PST Time Zone AND thanks in advance for any response.

 

Sincerely,

 

Eric S. Martin 

980-225-1270 (Office Direct)

704-999-1472 (Cell)

 

 

CONFIDENTIALITY NOTICE: The information contained in this e-mail
transmission (including any document, file, or previous e-mail message
within it), is considered confidential information and subject to
non-disclosure agreements. If you are not the intended recipient, or a
person responsible for delivering it to the intended recipient, please take
notice that any disclosure, copying, distribution, or use of any of this
information is PROHIBITED, and please immediately notify me by replying to
my e-mail address -  <mailto:eric.martin at ...4994...>
mailto:eric.martin at ...4994... - or by calling me, and destroy the original
transmission without reading or saving it. This email may contain
confidential and proprietary material for the sole use of the intended
recipient. Any review or distribution by others is strictly prohibited.
Thank you.

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20160412/66eea7e5/attachment.html>


More information about the Snort-users mailing list