ben3636 / suricata-pi

Custom "inline" Suricata IDS for Raspberry Pi with push notifications and web interface

Suricata & Automatically Block #1

Open s-c-d opened 1 year ago

s-c-d commented 1 year ago

Hi, very nice project idea.

I set up everything and it works so far. One question: if Suricata detects malware, it does not block it, right? It only triggers an alarm?

ben3636 commented 1 year ago

Correct, this project was aimed mostly at alerting only, but you can follow the Suricata documentation to configure it in blocking mode. Many of these rulesets can be quite noisy out-of-the-box and you'll want to tune them very well prior to blocking to avoid having the setup block benign traffic and wreak havoc on your network. Also be sure to create your own IFTTT webhooks if you want notifications; it looks like I left an old one in there that no longer works instead of adding a template for each person to fill in their webhook URL :)
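To make the "tune before you block" advice above concrete, here is an added Python example that is not part of the suricata-pi project: it reads Suricata's EVE JSON alert output (the `eve.json` log that the Suricata documentation describes, one JSON object per line), counts how often each signature fires and from how many distinct source hosts, and renders `threshold.config` entries that rate-limit the noisiest signatures so they can be reviewed without flooding notifications. The sample log lines, the hosts and the signature ids in them are constructed for this example; the "fires from several internal hosts" heuristic for spotting benign-traffic noise is my assumption, not a Suricata feature, and the `threshold`/`suppress` keyword syntax is the one documented for Suricata's `threshold.config`.

```python
"""Triage Suricata EVE JSON alerts to find noisy signatures before
switching rules from alert to drop (IPS) mode.

Added example, not code from the suricata-pi project.  Reads eve.json
style lines (constructed sample below) and emits threshold.config
entries for human review.
"""
import json

# Constructed sample of eve.json records, trimmed to the fields used here.
# Four hits of one signature from three hosts, two hits of another from one
# host, a non-alert "flow" event, and a truncated line to exercise error
# handling.  Signature ids are illustrative sample values.
SAMPLE_EVE_LINES = [
    '{"event_type":"alert","src_ip":"192.168.1.20","dest_ip":"192.168.1.1","alert":{"gid":1,"signature_id":2100498,"signature":"SAMPLE id check returned root","severity":2}}',
    '{"event_type":"alert","src_ip":"192.168.1.21","dest_ip":"192.168.1.1","alert":{"gid":1,"signature_id":2100498,"signature":"SAMPLE id check returned root","severity":2}}',
    '{"event_type":"alert","src_ip":"192.168.1.22","dest_ip":"192.168.1.1","alert":{"gid":1,"signature_id":2100498,"signature":"SAMPLE id check returned root","severity":2}}',
    '{"event_type":"alert","src_ip":"192.168.1.20","dest_ip":"192.168.1.1","alert":{"gid":1,"signature_id":2100498,"signature":"SAMPLE id check returned root","severity":2}}',
    '{"event_type":"alert","src_ip":"192.168.1.30","dest_ip":"93.184.216.34","alert":{"gid":1,"signature_id":2013028,"signature":"SAMPLE curl User-Agent Outbound","severity":3}}',
    '{"event_type":"alert","src_ip":"192.168.1.30","dest_ip":"93.184.216.34","alert":{"gid":1,"signature_id":2013028,"signature":"SAMPLE curl User-Agent Outbound","severity":3}}',
    '{"event_type":"flow","src_ip":"192.168.1.40","dest_ip":"192.168.1.1","proto":"TCP"}',
    '{"event_type":"alert","src_ip":"192.168.1.41",',  # truncated line, must be skipped
]


def parse_alerts(lines):
    """Yield (gid, sid, signature, src_ip) for each well-formed alert record.

    Non-alert event types and lines that are not valid JSON are skipped
    rather than aborting the whole run, since a live eve.json is often
    read while Suricata is still appending to it.
    """
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue
        if event.get("event_type") != "alert":
            continue
        alert = event.get("alert", {})
        sid = alert.get("signature_id")
        if sid is None:
            continue
        yield alert.get("gid", 1), sid, alert.get("signature", ""), event.get("src_ip")


def summarize_alerts(lines):
    """Aggregate alerts per (gid, sid): hit count and distinct source hosts."""
    summary = {}
    for gid, sid, signature, src_ip in parse_alerts(lines):
        entry = summary.setdefault((gid, sid), {"signature": signature, "count": 0, "sources": set()})
        entry["count"] += 1
        if src_ip:
            entry["sources"].add(src_ip)
    return summary


def noisy_signatures(summary, min_count=3, min_sources=2):
    """Heuristic (assumption, not a Suricata feature): a signature that fires
    repeatedly from several distinct internal hosts is usually benign-traffic
    noise on a home network and a blocking candidate to review, not to drop."""
    return sorted(key for key, entry in summary.items()
                  if entry["count"] >= min_count and len(entry["sources"]) >= min_sources)


def threshold_entries(summary, keys, seconds=600):
    """Render threshold.config lines that limit each noisy signature to one
    alert per source host per `seconds`.  A full `suppress gen_id .., sig_id ..`
    line belongs here only once the signature has been confirmed benign."""
    out = []
    for gid, sid in keys:
        entry = summary[(gid, sid)]
        out.append(f"# {entry['signature']}: {entry['count']} hits from {len(entry['sources'])} sources")
        out.append(f"threshold gen_id {gid}, sig_id {sid}, type limit, track by_src, count 1, seconds {seconds}")
    return out


if __name__ == "__main__":
    # Point this at the real file with: open("/var/log/suricata/eve.json")
    summary = summarize_alerts(SAMPLE_EVE_LINES)
    for (gid, sid), entry in sorted(summary.items()):
        print(f"{gid}:{sid}  hits={entry['count']}  sources={len(entry['sources'])}  {entry['signature']}")
    print("\n".join(threshold_entries(summary, noisy_signatures(summary))))
```

Run it against the live log by replacing `SAMPLE_EVE_LINES` with the file handle, review the rendered lines, and only then append them to `threshold.config`; rate-limiting first and suppressing only confirmed false positives keeps the signal while you decide which rules are safe to switch to `drop`.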