Dirk Tilger wrote: > That really depends on how critical you consider your system. Firewalls > can be hacked themselves, too. > > In your setup snort won't probably be able to look into the VPN traffic. > However, when you outgoing traffic is more or less unrestricted, snort > can help you detecting attacks running from your network, such as > viruses scanning the Internet or your parents hacking military > installations. If that's not something you would be happy to know, > you're better off without it.
Ofcourse firewalls can be hacked themselves, but with no services running except one random port for openvpn I'm hoping its pretty tightly sealed. While ignorance really is bliss, being what we are, I'll rather like to know what's going on in my network and what scans are happening on my public port!
