I already install and configure in Security onion on Ubuntu 12.04. When I open Snorby after that detect something but not block anything. So, I want to know, Security Onion can block some file, IP address or can not.
Any Idea please?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hello,

Can you perhaps go into a bit more detail? It’s not clear exactly what is happening with the limited information provided.

Also keep in mind, it appears that their software suggests it’s only compatible with Ubuntu 14.04 so you may want to consider using an Ubunt 14.04 droplet and see if your problems persist.

Submit an Answer