I think checkpoint has been reading the mailing list ;) http://it.slashdot.org/article.pl?sid=05/10/06/1640258&tid=172&tid=218
I've said it before, pfSense is the only open source FW that comes close to (and exceeds in some aspects) commercial offerings like checkpoint. On Thu, 2005-09-22 at 09:09 +0200, Tommaso Di Donato wrote: > On 9/22/05, sai <[EMAIL PROTECTED]> wrote: > from: http://snort2c.sourceforge.net/ > <quote>Notes > It lacks "autodisable blocks" support for blocked ips. > Its not recommended use snort2c in production environments > or critical systems. > </quote> > > Whats 'autodisable block' ? > > In my experience, "autodisable block" means that a blocked IP will > return to be permitted after x minutes. It is very usefull, because > prevents that an attacker will lock you out using a lot of spoofed > IPs... > My personal opinion is that an IPS is something too difficult to > tune-up.. so pay attention! > Tom > > > >
