Results 1 to 3 of 3
  1. #1
    Newbie
    Join Date
    Oct 2020
    Posts
    2

    Smile IPS Warnings and Crashes

    Hello,

    I've recently bought the home pro license for untangle. I enabled IPS and found that it tends to stop reporting attacks. It seems to "crash" at least once per day. What I've seen is that the process shows as running. Yet it stops logging and\or blocking any attacks. I simply disable then enable IPS and it works agian for the day.

    I was getting an error with the modbus signatures. I resolved it by disabling the sigs for it. However, I am now getting a new warning regarding checksum files.

    opening hash file /etc/suricata/fileextraction-chksum.list: No such file or directory
    error parsing signature "reject http any any -> any any ( msg:"Black list checksum match and extract MD5"; filemd5:fileextraction-chksum.list; filestore; sid:28; rev:1; )" from file /etc/suricata at line 28931
    opening hash file /etc/fileextraction-chksum.list: No such file or directory
    error parsing signature "reject http any any -> any any ( msg:"Black list checksum match and extract SHA1"; filesha1:fileextraction-chksum.list; filestore; sid:29; rev:1; )" from file /etc at line 28932
    opening hash file //fileextraction-chksum.list: No such file or directory
    error parsing signature "reject http any any -> any any ( msg:"Black list checksum match and extract SHA256"; filesha256:fileextraction-chksum.list; filestore; sid:30; rev:1; )" from file / at line 28933

    Any help would be greatly appreciated!

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,210

    Default

    Version of UT? How long has it been online?
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    Oct 2020
    Posts
    2

    Default

    Hey sorry, I should have known to post the version.
    Build: 15.1.1.20200905T150556.8ca624f09e-1buster
    Kernel: 4.19.0-8-untangle-amd64

    It is a pretty recent deployment. It's only be online for a few weeks. It was a fresh install of 15.1.

    I am running it on Hyper-V 2019.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2