PFSense - Suricata - Alerts
See the Suricata Redmine site for further information.
Disable an entire group of rules
ET CINS Active Threat Intelligence Poor Reputation IP
ET DROP Dshield Block Listed Source group 1
ET POLICY PE EXE or DLL Windows file download HTTP
ET SCAN Internal Dummy Connection User-Agent Inbound
ET SCAN Possible WordPress xmlrpc.php BruteForce in Progress - Response
ET SCAN Sipvicious User-Agent Detected (friendly-scanner)
ET TOR Known Tor Exit Node Traffic group 60
ET TROJAN DNS Reply Sinkhole - Anubis - 195.22.26.192/26
SURICATA Applayer Mismatch protocol both directions
SURICATA Applayer Wrong direction first Data
SURICATA HTTP Host header invalid
SURICATA HTTP Request line incomplete
SURICATA HTTP Request unrecognized authorization method
SURICATA HTTP unable to match response to request
SURICATA ICMPv4 invalid checksum
SURICATA IKEv2 weak cryptographic parameters (Auth)
SURICATA IKEv2 weak cryptographic parameters (Diffie-Hellman)
SURICATA IKEv2 weak cryptographic parameters (Encryption)
SURICATA IKEv2 weak cryptographic parameters (PRF)
SURICATA STREAM 3way handshake SYNACK with wrong ack
SURICATA STREAM 3way handshake SYNACK resend with different ack
SURICATA STREAM 3way handshake SYN resend different seq on SYN recv
SURICATA STREAM 3way handshake wrong seq wrong ack
SURICATA STREAM bad window update
SURICATA STREAM CLOSEWAIT FIN out of window
SURICATA STREAM ESTABLISHED invalid ack
SURICATA STREAM ESTABLISHED packet out of window
SURICATA STREAM excessive retransmissions
SURICATA STREAM FIN invalid ack
SURICATA STREAM FIN out of window
SURICATA STREAM Packet with invalid ack
SURICATA STREAM Packet with invalid timestamp
SURICATA STREAM reassembly overlap with different data
SURICATA STREAM SHUTDOWN RST invalid ack
SURICATA STREAM TIMEWAIT ACK with wrong seq
SURICATA UDPv4 invalid checksum
SURICATA TLS invalid handshake message
SURICATA TLS invalid record/traffic
SURICATA TLS invalid record type
SURICATA TLS invalid TLS header