[Snort-users] Choosing a firewall with Snort

Kevin Ross kevross33 at ...14012...
Wed Sep 26 03:59:32 EDT 2012

Do you mean one which includes snort built in or as an easy to install
package? If so I recommend pfsense, it isn't IPS in terms of it will drop
packets inline but it will block the attacker but make sure you tune it
(for some reason for the time being though during updates it doesn't
remember what specific rules you have disabled so run it a while, disable
and enable rulle categories and specific rules giving you bother use the
threshold.conf screen). It is an excellent firewall though and you can do
things like geoip blocking with pfblocker, VPNs, excellent firewall rule
flexibility and advanced features and more (including proxy packages). It
has certainly been great for me in a home environment although I am not
sure in a work environment as I work in a very large organization and we
use appliance based firewalls.

Hope that helps you. Other options are smoothwall (updates seemed to stop
when I moved from it to pfsense), Astaro and there will be others too.


On 26 September 2012 07:33, Pratik Narang <pratik.cse.bits at ...11827...> wrote:

> Hi all,
> Any recommendations for Open source Firewall/UTM solutions which go well
> with Snort IPS ?
> Thanks.
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120926/9cb532b4/attachment.html>

More information about the Snort-users mailing list