Wiki

User Tools

Site Tools

Trace: create_temporary_network_config move_generation install_suricata zobrist_hashing create_permanent_network_config magic_bitboards etc_hal.conf
pfsense:suricata:suppress

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
pfsense:suricata:suppress [2020/03/01 20:27] peterpfsense:suricata:suppress [2022/07/16 21:39] (current) – 4uMXQZ <a href="http://gdkrhydmwahu.com/">gdkrhydmwahu</a>, [url=http://ocupbhvhwaef.com/]ocupbhvhwaef[/url], [link=http://cjsxuyshervu.com/]cjsxuyshervu[/link], http://tkagiwtewlnu.com/ 5.188.211.16
Line 1: Line 1:
-====== PFSense - Suricata - Suppress ====== +4uMXQZ  <a href="http://gdkrhydmwahu.com/">gdkrhydmwahu</a>, [url=http://ocupbhvhwaef.com/]ocupbhvhwaef[/url], [link=http://cjsxuyshervu.com/]cjsxuyshervu[/link]http://tkagiwtewlnu.com/
- +
-Create a suppress list to suppress certain snort and ET signatures to overcome False Positives. +
- +
-<code> +
-Services -> Suricata -> Suppress +
-</code> +
- +
- +
----- +
- +
-===== Examples to Supress ===== +
- +
-The following list is from various sourcesRecommended to check and confirm. +
- +
-<code> +
-suppress gen_id 1sig_id 536 +
-suppress gen_id 1, sig_id 648 +
-suppress gen_id 1, sig_id 837 +
-suppress gen_id 1, sig_id 11192 +
-suppress gen_id 1, sig_id 12286 +
-suppress gen_id 1, sig_id 15147 +
-suppress gen_id 1, sig_id 15306 +
-suppress gen_id 1, sig_id 15362 +
-suppress gen_id 1, sig_id 17458 +
-suppress gen_id 1, sig_id 20583 +
-suppress gen_id 1, sig_id 2000334 +
-suppress gen_id 1, sig_id 2010516 +
-suppress gen_id 1, sig_id 2012088 +
-suppress gen_id 1, sig_id 2013222 +
-suppress gen_id 1, sig_id 2014819 +
-suppress gen_id 1, sig_id 2014520 +
-suppress gen_id 1, sig_id 2101390 +
-suppress gen_id 1, sig_id 2103134 +
-suppress gen_id 1, sig_id 2500056 +
-suppress gen_id 119, sig_id 2 +
-suppress gen_id 119, sig_id 4 +
-suppress gen_id 119, sig_id 14 +
-suppress gen_id 119, sig_id 31 +
-suppress gen_id 119, sig_id 32 +
-suppress gen_id 120, sig_id 2 +
-suppress gen_id 120, sig_id 3 +
-suppress gen_id 120, sig_id 4 +
-suppress gen_id 120, sig_id 6 +
-suppress gen_id 120, sig_id 8 +
-suppress gen_id 120, sig_id 9 +
-suppress gen_id 122, sig_id 19 +
-suppress gen_id 122, sig_id 21 +
-suppress gen_id 122, sig_id 22 +
-suppress gen_id 122, sig_id 23 +
-suppress gen_id 122, sig_id 26 +
-</code> +
- +
pfsense/suricata/suppress.1583094459.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki