{"id":8110,"date":"2026-03-14T19:21:18","date_gmt":"2026-03-14T17:21:18","guid":{"rendered":"https:\/\/scalemedia.co.za\/cybermedia\/?post_type=docs&#038;p=8110"},"modified":"2026-03-14T21:44:04","modified_gmt":"2026-03-14T19:44:04","password":"","slug":"lab-building-series-ep3","status":"publish","type":"docs","link":"https:\/\/scalemedia.co.za\/cybermedia\/docs\/lab-building-series-ep3\/","title":{"rendered":"\u00a0Lab Building Series: Ep3"},"content":{"rendered":"\n<p>This section focus on configuring Opnsense firewall by installing and setting up the intrusion detection system (IDS) and intrusion prevention system (IPS) features.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">IDS and IPS Explanation<\/h2>\n\n\n\n<p>IDS is a system that detects potential triggers or anomalies in network traffic based on signatures and patterns. IPS is a system tha has the same detection capabilities as IDS, with the added ability to block or deny anomalous traffic.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Initial Configuration<\/h2>\n\n\n\n<p>Now start the Opnsense machine and kali to get access to the web GUI.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img fetchpriority=\"high\" decoding=\"async\" width=\"717\" height=\"497\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-76.png\" alt=\"\" class=\"wp-image-8111\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-76.png 717w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-76-300x208.png 300w\" sizes=\"(max-width: 717px) 100vw, 717px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"481\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-77-1024x481.png\" alt=\"\" class=\"wp-image-8112\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-77-1024x481.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-77-300x141.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-77-768x361.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-77-1536x722.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-77.png 1893w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>What we need to do is go to the interfaces and setting, We need to disable Hardware CRC,TSO,LRO for our IPS to work correctly and click save.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"391\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-78-1024x391.png\" alt=\"\" class=\"wp-image-8113\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-78-1024x391.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-78-300x115.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-78-768x293.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-78-1536x587.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-78.png 1900w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"458\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-80-1024x458.png\" alt=\"\" class=\"wp-image-8115\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-80-1024x458.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-80-300x134.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-80-768x343.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-80-1536x687.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-80.png 1706w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Next we gonna go to services, Intrusion Dection and then to Administration.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"316\" height=\"543\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-81.png\" alt=\"\" class=\"wp-image-8118\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-81.png 316w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-81-175x300.png 175w\" sizes=\"(max-width: 316px) 100vw, 316px\" \/><\/figure>\n\n\n\n<p>Before making any change you need to click the advanced mode button to view all settings, Next check the Enabled box, IPS mode, Promiscuous mode and the interfaces you can keep it to LAN only if you want but for this lab we&#8217;ll use LAN and WAN. Under Detection the pattern matcher should be &#8220;<a href=\"https:\/\/www.youtube.com\/redirect?event=video_description&amp;redir_token=QUFFLUhqbFVVejlXMER0bGVTWXJsTUZxMjNBZGdsRmxlUXxBQ3Jtc0tubld4a0FRVFdLZlViYk1IUFE2TzNfZ2g3YXBHTVBhMHZaU0JLMVMwa0RCeFJtWV84b2NFbWVjZ1ZKYnhtRk1aSV9sUVF0RGFNaVFwdnNmUTVWMXRUWEVDeHZGdzYwV09jWnV2Z0dwYkdVbUtITVF0TQ&amp;q=https%3A%2F%2Fbit.ly%2F3H6DTR3&amp;v=TPKLu4a3A4E\" data-type=\"link\" data-id=\"https:\/\/www.youtube.com\/redirect?event=video_description&amp;redir_token=QUFFLUhqbFVVejlXMER0bGVTWXJsTUZxMjNBZGdsRmxlUXxBQ3Jtc0tubld4a0FRVFdLZlViYk1IUFE2TzNfZ2g3YXBHTVBhMHZaU0JLMVMwa0RCeFJtWV84b2NFbWVjZ1ZKYnhtRk1aSV9sUVF0RGFNaVFwdnNmUTVWMXRUWEVDeHZGdzYwV09jWnV2Z0dwYkdVbUtITVF0TQ&amp;q=https%3A%2F%2Fbit.ly%2F3H6DTR3&amp;v=TPKLu4a3A4E\" target=\"_blank\" rel=\"noopener\">Hyperscan<\/a>&#8220;, The Dectect Profile we will leave it to &#8220;Medium&#8221; because we do not want to have a massive amount of false possitives, on the Home networks we need to specify the subnet on our home network (LAN Subnet)  is using, After everything is set click on Apply.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"992\" height=\"1024\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-194910-992x1024.png\" alt=\"\" class=\"wp-image-8124\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-194910-992x1024.png 992w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-194910-291x300.png 291w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-194910-768x793.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-194910.png 1324w\" sizes=\"(max-width: 992px) 100vw, 992px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Next go to the download tab inside we&#8217;ll create our custom rules, By default opnsense gives us some rules that we can utilise but we&#8217;ll create our custom rules. <\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"421\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-195545-1024x421.png\" alt=\"\" class=\"wp-image-8126\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-195545-1024x421.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-195545-300x123.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-195545-768x316.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-195545-1536x632.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/Screenshot-2026-03-14-195545.png 1584w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>We going to use <a href=\"https:\/\/bit.ly\/34SwnMA\" data-type=\"link\" data-id=\"https:\/\/bit.ly\/34SwnMA\" target=\"_blank\" rel=\"noopener\">Suricata<\/a> it allows us to write custom rules<\/p>\n\n\n\n<div class=\"betterdocs-code-snippet-wrapper theme-light betterdocs-code-snippet-eeec4cee\"\n     id=\"betterdocs-code-snippet-eeec4cee\"\n     data-language=\"typescript\"\n     data-copy-button=\"true\">\n\n            <div class=\"betterdocs-code-snippet-header betterdocs-file-preview-header\">\n        <div class=\"betterdocs-file-preview-left\">\n                            <div class=\"betterdocs-traffic-lights\">\n                    <span class=\"traffic-light traffic-light-red\"><\/span>\n                    <span class=\"traffic-light traffic-light-yellow\"><\/span>\n                    <span class=\"traffic-light traffic-light-green\"><\/span>\n                <\/div>\n            \n            <div class=\"betterdocs-file-info\">\n                                    <div class=\"betterdocs-file-icon\">\n                                                    <span class=\"betterdocs-file-icon-emoji\">\ud83d\udcd8<\/span>\n                                            <\/div>\n                \n                                    <div class=\"betterdocs-file-name\">\n                        <span class=\"file-name-text\">filename.js<\/span>\n                    <\/div>\n                            <\/div>\n        <\/div>\n\n        <div class=\"betterdocs-file-preview-right\">\n                            <div class=\"betterdocs-code-snippet-copy-container\">\n                    <button class=\"betterdocs-code-snippet-copy-button\"\n                            type=\"button\"\n                            data-clipboard-target=\"#betterdocs-code-snippet-eeec4cee .betterdocs-code-snippet-code code\"\n                            aria-label=\"Copy code to clipboard\">\n                        <svg width=\"16\" height=\"16\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                            <path d=\"M16 1H4C2.9 1 2 1.9 2 3V17H4V3H16V1ZM19 5H8C6.9 5 6 5.9 6 7V21C6 22.1 6.9 23 8 23H19C20.1 23 21 22.1 21 21V7C21 5.9 20.1 5 19 5ZM19 21H8V7H19V21Z\" fill=\"currentColor\"\/>\n                        <\/svg>\n                    <\/button>\n                                    <\/div>\n                    <\/div>\n        <\/div>\n    \n    <div class=\"betterdocs-code-snippet-content\">\n        \n        <pre class=\"betterdocs-code-snippet-code language-typescript\"><code>alert tcp any any -&gt; 10.0.3.9 any (msg:&quot;NMAP SYN STEALTH SCAN LIKELY to 10.0.3.9 - multiple SYN no ACK\/dsize0&quot;; flow:to_server,stateless; flags:S; ack:0; dsize:0; threshold:type threshold, track by_src, count 10, seconds 8; priority:3; classtype:attempted-recon; sid:1000102; rev:1;)<\/code><\/pre>\n    <\/div>\n<\/div>\n\n<script type=\"text\/javascript\">\ndocument.addEventListener('DOMContentLoaded', function() {\n    \/\/ Initialize copy functionality for this specific snippet\n    const snippet = document.getElementById('betterdocs-code-snippet-eeec4cee');\n    if (snippet && window.BetterDocsCodeSnippet) {\n        window.BetterDocsCodeSnippet.initCopyButton(snippet);\n    }\n});\n<\/script>\n\n\n\n<p><\/p>\n\n\n\n<p>In order to create our custom rules we need to use ssh on our Opnsense but before that let enable this setting. Go to system then setting and Administration. Next enable secure shell, Permit root user login and Permit password login, And click save.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"408\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-82-1024x408.png\" alt=\"\" class=\"wp-image-8131\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-82-1024x408.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-82-300x120.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-82-768x306.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-82-1536x612.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-82.png 1900w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">FileZilla <\/h2>\n\n\n\n<p>In this section we going to use FileZilla to access files on our Opnsense firewall, We are going to establish SFTP conection to Opnsense so we can access it&#8217;s files. Next open your terminal and type.<\/p>\n\n\n\n<div class=\"betterdocs-code-snippet-wrapper theme-light betterdocs-code-snippet-mdp2tp6\"\n     id=\"betterdocs-code-snippet-mdp2tp6\"\n     data-language=\"typescript\"\n     data-copy-button=\"true\">\n\n            <div class=\"betterdocs-code-snippet-header betterdocs-file-preview-header\">\n        <div class=\"betterdocs-file-preview-left\">\n                            <div class=\"betterdocs-traffic-lights\">\n                    <span class=\"traffic-light traffic-light-red\"><\/span>\n                    <span class=\"traffic-light traffic-light-yellow\"><\/span>\n                    <span class=\"traffic-light traffic-light-green\"><\/span>\n                <\/div>\n            \n            <div class=\"betterdocs-file-info\">\n                                    <div class=\"betterdocs-file-icon\">\n                                                    <span class=\"betterdocs-file-icon-emoji\">\ud83d\udcd8<\/span>\n                                            <\/div>\n                \n                                    <div class=\"betterdocs-file-name\">\n                        <span class=\"file-name-text\">filename.js<\/span>\n                    <\/div>\n                            <\/div>\n        <\/div>\n\n        <div class=\"betterdocs-file-preview-right\">\n                            <div class=\"betterdocs-code-snippet-copy-container\">\n                    <button class=\"betterdocs-code-snippet-copy-button\"\n                            type=\"button\"\n                            data-clipboard-target=\"#betterdocs-code-snippet-mdp2tp6 .betterdocs-code-snippet-code code\"\n                            aria-label=\"Copy code to clipboard\">\n                        <svg width=\"16\" height=\"16\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                            <path d=\"M16 1H4C2.9 1 2 1.9 2 3V17H4V3H16V1ZM19 5H8C6.9 5 6 5.9 6 7V21C6 22.1 6.9 23 8 23H19C20.1 23 21 22.1 21 21V7C21 5.9 20.1 5 19 5ZM19 21H8V7H19V21Z\" fill=\"currentColor\"\/>\n                        <\/svg>\n                    <\/button>\n                                    <\/div>\n                    <\/div>\n        <\/div>\n    \n    <div class=\"betterdocs-code-snippet-content\">\n        \n        <pre class=\"betterdocs-code-snippet-code language-typescript\"><code>sudo apt-get install filezilla<\/code><\/pre>\n    <\/div>\n<\/div>\n\n<script type=\"text\/javascript\">\ndocument.addEventListener('DOMContentLoaded', function() {\n    \/\/ Initialize copy functionality for this specific snippet\n    const snippet = document.getElementById('betterdocs-code-snippet-mdp2tp6');\n    if (snippet && window.BetterDocsCodeSnippet) {\n        window.BetterDocsCodeSnippet.initCopyButton(snippet);\n    }\n});\n<\/script>\n\n\n\n<p><\/p>\n\n\n\n<p>Once installed run this command to open FileZilla<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p> <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"577\" height=\"218\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-83.png\" alt=\"\" class=\"wp-image-8133\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-83.png 577w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-83-300x113.png 300w\" sizes=\"(max-width: 577px) 100vw, 577px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"532\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-84-1024x532.png\" alt=\"\" class=\"wp-image-8135\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-84-1024x532.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-84-300x156.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-84-768x399.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-84-1536x798.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-84.png 1688w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>To access the server type the host IP, Username and Password as follow<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"865\" height=\"108\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-86.png\" alt=\"\" class=\"wp-image-8137\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-86.png 865w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-86-300x37.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-86-768x96.png 768w\" sizes=\"(max-width: 865px) 100vw, 865px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"912\" height=\"382\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-87.png\" alt=\"\" class=\"wp-image-8138\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-87.png 912w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-87-300x126.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-87-768x322.png 768w\" sizes=\"(max-width: 912px) 100vw, 912px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now we have access to into Opnsense root directory<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"597\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-88-1024x597.png\" alt=\"\" class=\"wp-image-8139\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-88-1024x597.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-88-300x175.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-88-768x448.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-88.png 1186w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now we&#8217;ll create two files, the first one is customnmap.rules where will put our rules in our case is nmap scan rules. And a customnmap.xml file.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>customnmap.rules<\/strong><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Go to your terminal and type sudo nano <strong>customnmap.rules<\/strong> and past this rules<\/p>\n\n\n\n<div class=\"betterdocs-code-snippet-wrapper theme-light betterdocs-code-snippet-h9wv3p4\"\n     id=\"betterdocs-code-snippet-h9wv3p4\"\n     data-language=\"typescript\"\n     data-copy-button=\"true\">\n\n            <div class=\"betterdocs-code-snippet-header betterdocs-file-preview-header\">\n        <div class=\"betterdocs-file-preview-left\">\n                            <div class=\"betterdocs-traffic-lights\">\n                    <span class=\"traffic-light traffic-light-red\"><\/span>\n                    <span class=\"traffic-light traffic-light-yellow\"><\/span>\n                    <span class=\"traffic-light traffic-light-green\"><\/span>\n                <\/div>\n            \n            <div class=\"betterdocs-file-info\">\n                                    <div class=\"betterdocs-file-icon\">\n                                                    <span class=\"betterdocs-file-icon-emoji\">\ud83d\udcd8<\/span>\n                                            <\/div>\n                \n                                    <div class=\"betterdocs-file-name\">\n                        <span class=\"file-name-text\">filename.js<\/span>\n                    <\/div>\n                            <\/div>\n        <\/div>\n\n        <div class=\"betterdocs-file-preview-right\">\n                            <div class=\"betterdocs-code-snippet-copy-container\">\n                    <button class=\"betterdocs-code-snippet-copy-button\"\n                            type=\"button\"\n                            data-clipboard-target=\"#betterdocs-code-snippet-h9wv3p4 .betterdocs-code-snippet-code code\"\n                            aria-label=\"Copy code to clipboard\">\n                        <svg width=\"16\" height=\"16\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                            <path d=\"M16 1H4C2.9 1 2 1.9 2 3V17H4V3H16V1ZM19 5H8C6.9 5 6 5.9 6 7V21C6 22.1 6.9 23 8 23H19C20.1 23 21 22.1 21 21V7C21 5.9 20.1 5 19 5ZM19 21H8V7H19V21Z\" fill=\"currentColor\"\/>\n                        <\/svg>\n                    <\/button>\n                                    <\/div>\n                    <\/div>\n        <\/div>\n    \n    <div class=\"betterdocs-code-snippet-content\">\n        \n        <pre class=\"betterdocs-code-snippet-code language-typescript\"><code>alert tcp any any -&gt; 10.0.3.9 any (msg:&quot;NMAP SYN STEALTH SCAN LIKELY to 10.0.3.9 - multiple SYN no ACK\/dsize0&quot;; flow:to_server,stateless; flags:S; ack:0; dsize:0; threshold:type threshold, track by_src, count 10, seconds 8; priority:3; classtype:attempted-recon; sid:1000102; rev:1;)<\/code><\/pre>\n    <\/div>\n<\/div>\n\n<script type=\"text\/javascript\">\ndocument.addEventListener('DOMContentLoaded', function() {\n    \/\/ Initialize copy functionality for this specific snippet\n    const snippet = document.getElementById('betterdocs-code-snippet-h9wv3p4');\n    if (snippet && window.BetterDocsCodeSnippet) {\n        window.BetterDocsCodeSnippet.initCopyButton(snippet);\n    }\n});\n<\/script>\n\n\n\n<p><\/p>\n\n\n\n<p><strong> customnmap.xml <\/strong><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Same apply her sudo nano <strong>customnmap.xml<\/strong> and past the xml<\/p>\n\n\n\n<p><\/p>\n\n\n\n<div class=\"betterdocs-code-snippet-wrapper theme-light betterdocs-code-snippet-it90lco\"\n     id=\"betterdocs-code-snippet-it90lco\"\n     data-language=\"typescript\"\n     data-copy-button=\"true\">\n\n            <div class=\"betterdocs-code-snippet-header betterdocs-file-preview-header\">\n        <div class=\"betterdocs-file-preview-left\">\n                            <div class=\"betterdocs-traffic-lights\">\n                    <span class=\"traffic-light traffic-light-red\"><\/span>\n                    <span class=\"traffic-light traffic-light-yellow\"><\/span>\n                    <span class=\"traffic-light traffic-light-green\"><\/span>\n                <\/div>\n            \n            <div class=\"betterdocs-file-info\">\n                                    <div class=\"betterdocs-file-icon\">\n                                                    <span class=\"betterdocs-file-icon-emoji\">\ud83d\udcd8<\/span>\n                                            <\/div>\n                \n                                    <div class=\"betterdocs-file-name\">\n                        <span class=\"file-name-text\">filename.js<\/span>\n                    <\/div>\n                            <\/div>\n        <\/div>\n\n        <div class=\"betterdocs-file-preview-right\">\n                            <div class=\"betterdocs-code-snippet-copy-container\">\n                    <button class=\"betterdocs-code-snippet-copy-button\"\n                            type=\"button\"\n                            data-clipboard-target=\"#betterdocs-code-snippet-it90lco .betterdocs-code-snippet-code code\"\n                            aria-label=\"Copy code to clipboard\">\n                        <svg width=\"16\" height=\"16\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                            <path d=\"M16 1H4C2.9 1 2 1.9 2 3V17H4V3H16V1ZM19 5H8C6.9 5 6 5.9 6 7V21C6 22.1 6.9 23 8 23H19C20.1 23 21 22.1 21 21V7C21 5.9 20.1 5 19 5ZM19 21H8V7H19V21Z\" fill=\"currentColor\"\/>\n                        <\/svg>\n                    <\/button>\n                                    <\/div>\n                    <\/div>\n        <\/div>\n    \n    <div class=\"betterdocs-code-snippet-content\">\n        \n        <pre class=\"betterdocs-code-snippet-code language-typescript\"><code>&lt;?xml version=&quot;1.0&quot;?&gt;\n&lt;ruleset documentation_url=&quot;http:\/\/docs.opnsense.org\/&quot;&gt;\n  &lt;location url=&quot;http:\/\/10.0.3.3\/&quot; prefix=&quot;customnmap&quot; \/&gt;\n  &lt;files&gt;\n    &lt;file description=&quot;customnmap rules&quot;&gt;customnmap.rules&lt;\/file&gt;\n    &lt;file description=&quot;customnmap&quot; url=&quot;inline::rules\/customnmap.rules&quot;&gt;customnmap.rules&lt;\/file&gt;\n  &lt;\/files&gt;\n&lt;\/ruleset&gt;<\/code><\/pre>\n    <\/div>\n<\/div>\n\n<script type=\"text\/javascript\">\ndocument.addEventListener('DOMContentLoaded', function() {\n    \/\/ Initialize copy functionality for this specific snippet\n    const snippet = document.getElementById('betterdocs-code-snippet-it90lco');\n    if (snippet && window.BetterDocsCodeSnippet) {\n        window.BetterDocsCodeSnippet.initCopyButton(snippet);\n    }\n});\n<\/script>\n\n\n\n<p><\/p>\n\n\n\n<p>Note! the customnmap.xml will tell opnsense where to download the rule we have created which is the nmap rules and put the IP Address of you kali machine, To tell opnsense where to get the rules.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"676\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-89-1024x676.png\" alt=\"\" class=\"wp-image-8141\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-89-1024x676.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-89-300x198.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-89-768x507.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-89.png 1062w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now go to filezilla and locate where you created our custom rules in my case is on Documents. And on the Opnsense filewall we going to navigate to usr > local > opnsense > scripts > suricata > metadata > rules and we going to transfer our xml files here by Drag and drop.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"397\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-90-1024x397.png\" alt=\"\" class=\"wp-image-8143\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-90-1024x397.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-90-300x116.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-90-768x298.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-90.png 1186w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Next let&#8217;s go to our terminal where we stored our rules in my case the Documents directory and set up a python3 http server to download our rules into Opnsense<\/p>\n\n\n\n<p><\/p>\n\n\n\n<div class=\"betterdocs-code-snippet-wrapper theme-light betterdocs-code-snippet-kssa28d\"\n     id=\"betterdocs-code-snippet-kssa28d\"\n     data-language=\"typescript\"\n     data-copy-button=\"true\">\n\n            <div class=\"betterdocs-code-snippet-header betterdocs-file-preview-header\">\n        <div class=\"betterdocs-file-preview-left\">\n                            <div class=\"betterdocs-traffic-lights\">\n                    <span class=\"traffic-light traffic-light-red\"><\/span>\n                    <span class=\"traffic-light traffic-light-yellow\"><\/span>\n                    <span class=\"traffic-light traffic-light-green\"><\/span>\n                <\/div>\n            \n            <div class=\"betterdocs-file-info\">\n                                    <div class=\"betterdocs-file-icon\">\n                                                    <span class=\"betterdocs-file-icon-emoji\">\ud83d\udcd8<\/span>\n                                            <\/div>\n                \n                                    <div class=\"betterdocs-file-name\">\n                        <span class=\"file-name-text\">filename.js<\/span>\n                    <\/div>\n                            <\/div>\n        <\/div>\n\n        <div class=\"betterdocs-file-preview-right\">\n                            <div class=\"betterdocs-code-snippet-copy-container\">\n                    <button class=\"betterdocs-code-snippet-copy-button\"\n                            type=\"button\"\n                            data-clipboard-target=\"#betterdocs-code-snippet-kssa28d .betterdocs-code-snippet-code code\"\n                            aria-label=\"Copy code to clipboard\">\n                        <svg width=\"16\" height=\"16\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                            <path d=\"M16 1H4C2.9 1 2 1.9 2 3V17H4V3H16V1ZM19 5H8C6.9 5 6 5.9 6 7V21C6 22.1 6.9 23 8 23H19C20.1 23 21 22.1 21 21V7C21 5.9 20.1 5 19 5ZM19 21H8V7H19V21Z\" fill=\"currentColor\"\/>\n                        <\/svg>\n                    <\/button>\n                                    <\/div>\n                    <\/div>\n        <\/div>\n    \n    <div class=\"betterdocs-code-snippet-content\">\n        \n        <pre class=\"betterdocs-code-snippet-code language-typescript\"><code>python3 -m http.server 8002<\/code><\/pre>\n    <\/div>\n<\/div>\n\n<script type=\"text\/javascript\">\ndocument.addEventListener('DOMContentLoaded', function() {\n    \/\/ Initialize copy functionality for this specific snippet\n    const snippet = document.getElementById('betterdocs-code-snippet-kssa28d');\n    if (snippet && window.BetterDocsCodeSnippet) {\n        window.BetterDocsCodeSnippet.initCopyButton(snippet);\n    }\n});\n<\/script>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"812\" height=\"240\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-91.png\" alt=\"\" class=\"wp-image-8145\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-91.png 812w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-91-300x89.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-91-768x227.png 768w\" sizes=\"(max-width: 812px) 100vw, 812px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now open Opnsense Web GUI, go to Services > Intrusion Dection > Administration > Download tab, And restart the service<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"394\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-92-1024x394.png\" alt=\"\" class=\"wp-image-8147\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-92-1024x394.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-92-300x115.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-92-768x295.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-92-1536x591.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-92.png 1893w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"143\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-93-1024x143.png\" alt=\"\" class=\"wp-image-8148\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-93-1024x143.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-93-300x42.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-93-768x107.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-93-1536x214.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-93.png 1591w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now if you check on the rules section you will see our custom rules, you going to select it and click on Enable selected<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"388\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-95-1024x388.png\" alt=\"\" class=\"wp-image-8150\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-95-1024x388.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-95-300x114.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-95-768x291.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-95.png 1176w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Once done click on Download &amp; Update Rules<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"423\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-96-1024x423.png\" alt=\"\" class=\"wp-image-8151\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-96-1024x423.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-96-300x124.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-96-768x318.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-96.png 1526w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"237\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-97-1024x237.png\" alt=\"\" class=\"wp-image-8153\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-97-1024x237.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-97-300x69.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-97-768x177.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-97.png 1363w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Next click on rules tab, you can see we have our custom rules. Click on info to view rules description.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"328\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-98-1024x328.png\" alt=\"\" class=\"wp-image-8155\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-98-1024x328.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-98-300x96.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-98-768x246.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-98-1536x492.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-98.png 1598w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"359\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-99-1024x359.png\" alt=\"\" class=\"wp-image-8156\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-99-1024x359.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-99-300x105.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-99-768x269.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-99-1536x538.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-99.png 1548w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now if you click on Alerts tab this is the place we&#8217;ll see all our alerts are captured.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"291\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-100-1024x291.png\" alt=\"\" class=\"wp-image-8158\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-100-1024x291.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-100-300x85.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-100-768x218.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-100-1536x437.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-100.png 1590w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now let&#8217;s try to scan our Opnsense firewall using nmap.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<div class=\"betterdocs-code-snippet-wrapper theme-light betterdocs-code-snippet-691x5fo\"\n     id=\"betterdocs-code-snippet-691x5fo\"\n     data-language=\"typescript\"\n     data-copy-button=\"true\">\n\n            <div class=\"betterdocs-code-snippet-header betterdocs-file-preview-header\">\n        <div class=\"betterdocs-file-preview-left\">\n                            <div class=\"betterdocs-traffic-lights\">\n                    <span class=\"traffic-light traffic-light-red\"><\/span>\n                    <span class=\"traffic-light traffic-light-yellow\"><\/span>\n                    <span class=\"traffic-light traffic-light-green\"><\/span>\n                <\/div>\n            \n            <div class=\"betterdocs-file-info\">\n                                    <div class=\"betterdocs-file-icon\">\n                                                    <span class=\"betterdocs-file-icon-emoji\">\ud83d\udcd8<\/span>\n                                            <\/div>\n                \n                                    <div class=\"betterdocs-file-name\">\n                        <span class=\"file-name-text\">filename.js<\/span>\n                    <\/div>\n                            <\/div>\n        <\/div>\n\n        <div class=\"betterdocs-file-preview-right\">\n                            <div class=\"betterdocs-code-snippet-copy-container\">\n                    <button class=\"betterdocs-code-snippet-copy-button\"\n                            type=\"button\"\n                            data-clipboard-target=\"#betterdocs-code-snippet-691x5fo .betterdocs-code-snippet-code code\"\n                            aria-label=\"Copy code to clipboard\">\n                        <svg width=\"16\" height=\"16\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                            <path d=\"M16 1H4C2.9 1 2 1.9 2 3V17H4V3H16V1ZM19 5H8C6.9 5 6 5.9 6 7V21C6 22.1 6.9 23 8 23H19C20.1 23 21 22.1 21 21V7C21 5.9 20.1 5 19 5ZM19 21H8V7H19V21Z\" fill=\"currentColor\"\/>\n                        <\/svg>\n                    <\/button>\n                                    <\/div>\n                    <\/div>\n        <\/div>\n    \n    <div class=\"betterdocs-code-snippet-content\">\n        \n        <pre class=\"betterdocs-code-snippet-code language-typescript\"><code>sudo nmap -sS -Pn --top-ports 500 10.0.3.9<\/code><\/pre>\n    <\/div>\n<\/div>\n\n<script type=\"text\/javascript\">\ndocument.addEventListener('DOMContentLoaded', function() {\n    \/\/ Initialize copy functionality for this specific snippet\n    const snippet = document.getElementById('betterdocs-code-snippet-691x5fo');\n    if (snippet && window.BetterDocsCodeSnippet) {\n        window.BetterDocsCodeSnippet.initCopyButton(snippet);\n    }\n});\n<\/script>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"845\" height=\"467\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-101.png\" alt=\"\" class=\"wp-image-8159\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-101.png 845w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-101-300x166.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-101-768x424.png 768w\" sizes=\"(max-width: 845px) 100vw, 845px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Let go to Opnsense and check for the alerts, we need to restart the service once again.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"261\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-103-1024x261.png\" alt=\"\" class=\"wp-image-8162\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-103-1024x261.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-103-300x76.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-103-768x195.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-103-1536x391.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-103.png 1580w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"375\" src=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-104-1024x375.png\" alt=\"\" class=\"wp-image-8163\" srcset=\"https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-104-1024x375.png 1024w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-104-300x110.png 300w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-104-768x282.png 768w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-104-1536x563.png 1536w, https:\/\/scalemedia.co.za\/cybermedia\/wp-content\/uploads\/2026\/03\/image-104.png 1582w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>As we can see our rules has been triggered, Great all the best for the next series \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This section focus on configuring Opnsense firewall by installing and setting up the intrusion detection system (IDS) and intrusion prevention system (IPS) features. IDS and IPS Explanation IDS is a system that detects potential triggers or anomalies in network traffic based on signatures and patterns. IPS is a system tha has the same detection capabilities&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"doc_category":[47],"doc_tag":[],"class_list":["post-8110","docs","type-docs","status-publish","hentry","doc_category-cyber-security-lab-building"],"year_month":"2026-04","word_count":681,"total_views":0,"reactions":{"happy":0,"normal":0,"sad":0},"author_info":{"name":"admin","author_nicename":"admin","author_url":"https:\/\/scalemedia.co.za\/cybermedia\/author\/admin\/"},"doc_category_info":[{"term_name":"Cyber Security lab building","term_url":"https:\/\/scalemedia.co.za\/cybermedia\/docs-category\/cyber-security-lab-building\/"}],"doc_tag_info":[],"_links":{"self":[{"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/docs\/8110","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/types\/docs"}],"author":[{"embeddable":true,"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/comments?post=8110"}],"version-history":[{"count":18,"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/docs\/8110\/revisions"}],"predecessor-version":[{"id":8213,"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/docs\/8110\/revisions\/8213"}],"wp:attachment":[{"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/media?parent=8110"}],"wp:term":[{"taxonomy":"doc_category","embeddable":true,"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/doc_category?post=8110"},{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/scalemedia.co.za\/cybermedia\/wp-json\/wp\/v2\/doc_tag?post=8110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}