PfSense

Review configuration options for PfSense firewalls in RocketCyber

Malware: Checks for a variety of common malware attacks.

DoS attack: Checks for 16 different types of Denial of Service (DoS) attack.

DNS spoof attack: Checks for attempts to give invalid DNS resolution. For example, a malicious actor may attempt to convince your network that www.google.com should direct users to a server he controls rather than the real site.

Communication from malicious URL: Checks for traffic from known malicious URLs.

Log Format

The expected format for PfSense logs is comma-separated. For example:

<134>May 29 16:35:12 filterlog: 5,,,1000000003,mbeta1,match,block,in,6,0x00,0x4f7a6,1,UDP,17,38,fe80::7ca4:27a3:9a83:2750,ff02::1:4,56244,5345,38
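To confirm that a firewall is emitting lines in this shape before forwarding them, the sample above can be split into named fields. The following is an added example, not RocketCyber's or pfSense's own code; the field names are assumptions based on pfSense's documented raw filter log layout, and parse_filterlog is a hypothetical helper name.

```python
import re

# Field names are assumptions based on pfSense's documented raw filter log
# layout; they are not taken from RocketCyber.
COMMON = ["rule", "sub_rule", "anchor", "tracker", "interface",
          "reason", "action", "direction", "ip_version"]
IPV4 = ["tos", "ecn", "ttl", "id", "offset", "flags",
        "proto_id", "proto", "length", "src", "dst"]
IPV6 = ["class", "flow_label", "hop_limit",
        "proto", "proto_id", "length", "src", "dst"]
PORTS = ["src_port", "dst_port", "data_length"]  # present for TCP and UDP

SYSLOG = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>\w{3}\s+\d{1,2} [\d:]{8}) filterlog: (?P<csv>.*)$")

# The sample line shown on this page.
SAMPLE = ("<134>May 29 16:35:12 filterlog: 5,,,1000000003,mbeta1,match,block,"
          "in,6,0x00,0x4f7a6,1,UDP,17,38,fe80::7ca4:27a3:9a83:2750,"
          "ff02::1:4,56244,5345,38")

def parse_filterlog(line):
    """Parse one syslog-wrapped filterlog line; raise ValueError if malformed."""
    m = SYSLOG.match(line.strip())
    if not m:
        raise ValueError("not a syslog-wrapped filterlog line")
    pri = int(m["pri"])  # syslog PRI = facility * 8 + severity
    rec = {"facility": pri >> 3, "severity": pri & 7, "timestamp": m["ts"]}
    fields = m["csv"].split(",")
    if len(fields) < len(COMMON):
        raise ValueError("truncated common header")
    rec.update(zip(COMMON, fields))
    rest = fields[len(COMMON):]
    # The IP version field decides how the remaining columns are laid out.
    layout = {"4": IPV4, "6": IPV6}.get(rec["ip_version"])
    if layout is None or len(rest) < len(layout):
        raise ValueError("unknown IP version or truncated IP fields")
    rec.update(zip(layout, rest))
    rest = rest[len(layout):]
    if rec["proto"].lower() in ("tcp", "udp"):
        if len(rest) < len(PORTS):
            raise ValueError("truncated port fields")
        rec.update(zip(PORTS, rest))
        rec["src_port"], rec["dst_port"] = int(rec["src_port"]), int(rec["dst_port"])
    return rec

if __name__ == "__main__":
    for key, value in parse_filterlog(SAMPLE).items():
        print(f"{key:12} {value}")
```
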