Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IDS/IPS open source software


  • Please log in to reply
4 replies to this topic

#1 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,230 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:08:12 PM

Posted 11 February 2014 - 02:49 AM

Hi everyone,

 

Anyone have any experience with IDS/IPS open source software?

 

I've been looking at a few different projects recently and considering pushing this into my work network.

 

Recommendations? Experiences good or bad?

 

Thanks

 

TsVk!



BC AdBot (Login to Remove)

 


#2 Greg62702

Greg62702

  • Banned
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:12 AM

Posted 11 February 2014 - 08:43 AM

Last time I was running pfsense as my router.  It does have a learning curve, for what you are wanting to do.



#3 TsVk!

TsVk!

    penguin farmer

  • Topic Starter

  • Members
  • 6,230 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:08:12 PM

Posted 11 February 2014 - 03:29 PM

We're already running M0n0wall..., thanks though.

 

now I'm considering actual packet analysis software, as a 3rd line of defense.

 

Looking at Snort now, as it's already part of Aptitude it's easy enough to install... anyone have experiences?


Edited by TsVk!, 11 February 2014 - 03:49 PM.


#4 Greg62702

Greg62702

  • Banned
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:12 AM

Posted 11 February 2014 - 08:46 PM

All the info you need is on the Snort website.  Their forum is the best place for questions regarding Snort.  It really comes down to what you plan on using Snort for.  It like any tool has a learning curve.  It also can be used for purposes that is not meant to safeguard the network.



#5 TsVk!

TsVk!

    penguin farmer

  • Topic Starter

  • Members
  • 6,230 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:08:12 PM

Posted 11 February 2014 - 08:54 PM

I have read the website and the manual, installed the project (was cached on aptitude) and I'm testing the application... Thanks for the ?pointer?, but not really what I was looking for in terms of this thread though.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users