EFW Support

Topic started by: Ignacio on Sunday 07 March 2010, 11:05:58 am



Title: IDS
Post by: Ignacio on Sunday 07 March 2010, 11:05:58 am
I have an Endian Firewall Community release 2.2.
How can I check whether intrusion detection is working properly?
I have not seen any messages in Registration - Services - IDS for days.


Title: Re: IDS
Post by: whoiam55 on Monday 08 March 2010, 05:01:26 pm
I don't know how to test the IDS exactly, but one thing you can do is run a torrent client in your network.

If the IDS is working, Endian should report something like this in its log (IDS):
Code:
 snort[4389]: [1:2000334:9] ET P2P BitTorrent peer sync [Classification: Potential Corporate Privacy Violation] [Priority: 1]: {TCP} 5.5.5.5:51439 -> 5.5.5.5:17445

PS: The IPs in this example were changed just to save my a$$.
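
Added example, not part of the original posts: a small Python parser for Snort alert lines in the layout quoted above, which counts alerts per rule so you can confirm from a saved log whether the IDS is recording anything. The sample lines, timestamps, hostname `efw`, documentation-range IPs and the local rule `1000001` are constructed for illustration.

```python
import re
from collections import Counter

# Layout of the alert line quoted in the thread:
#   snort[PID]: [gid:sid:rev] message [Classification: ...] [Priority: N]: {PROTO} src -> dst
# The classification block is optional (rules without a classtype omit it),
# and ICMP alerts carry no port numbers.
ALERT_RE = re.compile(
    r"snort\[(?P<pid>\d+)\]:\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+"
    r"(?:\[Classification:\s*(?P<classification>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<priority>\d+)\]:?\s+"
    r"\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)"
)

def parse_alert(line):
    """Return the alert fields as a dict, or None if the line is not a Snort alert."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    alert = m.groupdict()
    for key in ("pid", "gid", "sid", "rev", "priority"):
        alert[key] = int(alert[key])
    return alert

def summarize(lines):
    """Count parsed alerts per (sid, message) and report how many lines were skipped."""
    alerts = [a for a in map(parse_alert, lines) if a]
    by_rule = Counter((a["sid"], a["msg"]) for a in alerts)
    return {"alerts": len(alerts), "skipped": len(lines) - len(alerts), "by_rule": by_rule}

# Constructed sample log (not real traffic).
SAMPLE_LOG = [
    "Mar  8 17:01:26 efw snort[4389]: [1:2000334:9] ET P2P BitTorrent peer sync [Classification: Potential Corporate Privacy Violation] [Priority: 1]: {TCP} 192.0.2.10:51439 -> 198.51.100.7:17445",
    "Mar  8 17:01:31 efw snort[4389]: [1:2000334:9] ET P2P BitTorrent peer sync [Classification: Potential Corporate Privacy Violation] [Priority: 1]: {TCP} 192.0.2.10:51440 -> 198.51.100.9:6881",
    "Mar  8 17:02:10 efw snort[4389]: [1:1000001:1] CONSTRUCTED local test rule [Priority: 3]: {ICMP} 192.0.2.10 -> 198.51.100.7",
    "Mar  8 17:02:11 efw kernel: unrelated firewall line",
]

if __name__ == "__main__":
    summary = summarize(SAMPLE_LOG)
    print(f"{summary['alerts']} alerts, {summary['skipped']} non-alert lines")
    for (sid, msg), count in summary["by_rule"].most_common():
        print(f"  sid {sid}: {count} x {msg}")
```

A summary with zero alerts over a period in which matching traffic was known to cross the firewall indicates that Snort is not running, not seeing the interface, or not logging.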