My Community Dashboard

  • I commented on an earlier post regarding this very same issue, but after several days no responses so I thought I'd risk it and start a new thread on this subject.

    Having used one of the first ClarkConnect versions for years and having updated to one of the first ClearOS versions in about 2003 or 2004, (I think), and I have used this older version successfully at my home/office for many years. I just now upgraded my ClearOS to 6.6.0 final (the latest release I could locate), with the IPS/IDS installed. My old ClearOS/ClarkConnect would always block and set an IP in the blocked IP list for some kiddy scripts and sometimes something a bit more malicious. However, this new version with the free included rules/signatures never seems to block an IP or at least never shows any blocked IPs. Other than that, for my simple home office use, ClearOS 6.6.0 is working very well.

    Having checked the snort.php file, it appears to have changed significantly and trying the hack mentioned in an earlier post to add some php code at line 185 appears to not be a prudent thing to attempt.

    Has this been resolved? Again, there is a perception that something is not quite right. Basic blocking for common attacks should be working and should show the offending IP.

    It also appears that there are those that feel this should not even be a part of the installation or available in the store. Is it best to not even run these tools with the stock rules?

    Thanks for any information or thoughts.

    JohnJ