| Summary: | Move to Suricata | | |
|---|---|---|---|
| Product: | IPFire | Reporter: | Peter Müller <peter.mueller> |
| Component: | --- | Assignee: | Stefan Schantl <stefan.schantl> |
| Status: | CLOSED FIXED | QA Contact: | Peter Müller <peter.mueller> |
| Severity: | Security | | |
| Priority: | Will affect most users | CC: | arne.fitzenreiter, daniel.weismueller, horace.michael, matthias.fischer, michael.tremer, stefan.schantl |
| Version: | 2 | Keywords: | Security, Umbrella |
| Hardware: | all | | |
| OS: | All | | |
| Bug Depends on: | 10759, 11263, 11802, 11803, 11808, 11822, 11831, 11832, 11833, 11834, 11835, 11836, 11837, 11838, 11953, 11976, 11978, 11979, 11981, 11983, 11984, 11985, 11986, 11987, 11988, 11989, 11990, 11991, 11992, 11993, 12002, 12004, 12010, 12011, 12013, 12019, 12034, 12037, 12048, 12056, 12061, 12062 | | |
| Bug Blocks: | 11542, 12052 | | |
Description
Peter Müller
2018-07-17 20:23:48 UTC
Open questions (forgive me if it had slipped my mind):
- Should we drop oinkmaster and move to etupdate?
- Good default configuration for Suricata (I can do some research)
- Should we let Guardian handle the IPS function or use Suricata's built-in (I prefer the first)?

(In reply to Peter Müller from comment #1)
> Open questions (forgive me if it had slipped my mind):
> - Should we drop oinkmaster and move to etupdate?

We will stay with oinkmaster in IPFire 2

> - Good default configuration for Suricata (I can do some research)

Please do

> - Should we let Guardian handle the IPS function or use Suricata's built-in
> (I prefer the first)?

I guess guardian has a nice UI now and it would be a waste to throw that away. However, it might be a good idea to think about a better integration with suricata instead of parsing logfiles

Suricata has been shipped with IPFire 2.23 - Core 131, so this bug and all related ones can be closed as fixed.