Criticism on the site

Hack3rcon · October 15, 2023, 5:32am

Hello to all Suricata-IDS developers,
First of all, thank you so much for this great forum.
I have a criticism on this site and I request all developers and experts on the site to prepare tutorial articles for the site. Unfortunately, some topics that are very useful do not have proper training on the site. I myself have a problem about starting Suricata in AF_PACKET IPS mode and although this mode is very useful, I still haven’t received a proper answer to my questions.

Thank you so much.

lukashino · October 16, 2023, 9:25pm

Hi Jason,

Thank you for your appreciation and constructive feedback.
I believe our team has attempted to assist, but it appears the challenges faced might not be directly related to Suricata. We are committed to responding to Suricata forum posts and other social channels on a best-effort basis, which means we address issues as promptly as our resources allow.
However, in our effort, we try to foster the community (and it might not always work out I guess?). At the same time, we are grateful for the community we have, that shows us support and contributes to the open-source idea of the project. We can think of tutorials for individual runmodes and look into enhancing our documentation as we know the crucial role of well-written documentation.

Cheers,
Lukas

Hack3rcon · October 19, 2023, 10:36am

Hi Lukas,
Thank you so much.
I agree, but a bunch of things like Suricata-IDS setup training in different modes should already be on the site. I had provided enough information and reports in the questions I asked, but unfortunately I did not receive an answer.
This is a weakness.

Andreas_Herz · October 26, 2023, 8:28pm

We have a very verbose documentation and people from the community are welcome to add more documentation and guidelines.

It also needs to be emphasized that Suricata is an “expert” tool that requires basic or even advanced knowledge of networking, operating systems and related techniques. Teaching all those basics is out of scope and can be found on different places and in literature.

You opened several new topics and you received a lot of replies, follow-up questions and recommendations.

If you need a full guidance for each step, there are paid training offerings or support.
Especially for non-standard environments and setups it will become quite complex and is somehow out of scope of a free service.

Please follow the suggestions you received in the different topics.

Hack3rcon · October 27, 2023, 8:27am

Hello,
Thanks, but you haven’t read my posts completely. I have gone through all the steps and I think many people have the same problem as me. For example, please take a look at https://forum.suricata.io/t/suricata-ids-does-not-work-in-af-packet-ips-mode/

Topic		Replies	Views
Looking for a Suricata consultant Help	1	347	April 20, 2021
We want to hear from you! suricon	2	776	September 9, 2021
Outreachy contributions discussions Outreachy	33	1089	November 6, 2021
[Free Workshop] Hands on with Suricata Language Server - Eric Leblond Rules suricata	0	377	March 9, 2022
Need for a tips and trick category? Site Feedback	10	794	March 28, 2020

Criticism on the site

Related Topics