Why bridge? Do you want to hide evrything? Its not that hard to fingerprint a pfS bridge. If you have practical reasons, sure go ahead. 29. sep. 2014 21:28 skrev "Roberto Carna" <robertocarn...@gmail.com> følgende:
> Ok, and do you recommend to setup the Pfsense WAN and LAN interfaces > in bridge mode with firewall rules enabled ??? > > Really thanks, > > Roberto > > > > 2014-09-29 16:15 GMT-03:00 Espen Johansen <pfse...@gmail.com>: > > Depends on what you want. A splitt design is normaly better and safer > then a > > all in one box. If you want suricata +snorby and barnyard its not > > recommended to run it all on pfsense. There are many deps. that will > cause a > > security nightmare and you will probably run out of hw resources as well. > > > > OK, thanks, the last please: > > > > Do you recommend to install an IPS in a Virtual Machine like Vmware > > ??? Because we have VMweare for all our servers. > > > > Regards, > > > > 2014-09-29 15:39 GMT-03:00 Anastasios Stefos < > anastasios.ste...@gmail.com>: > >> Roberto > >> > >> Here is a good place to start regarding Suricata or Snort. > >> > >> > >> > http://www.linux.org/threads/suricata-the-snort-replacer-part-1-intro-install.4346/ > >> > >> > >> > >> --- > >> Anastasios Stefos > >> ´αίέν άριστεύειν > >> > >> On Mon, Sep 29, 2014 at 2:34 PM, Roberto Carna < > robertocarn...@gmail.com> > >> wrote: > >>> > >>> Dear Ivo and people, just three short questions: > >>> > >>> 1) Using Suricata, can I enable the IPS mode as I can using Snort ??? > >>> > >>> 2) In IPS mode, do I have to have 3 interfaces in my server ??? > >>> > >>> 3) The only way to view the IPS blocking events is from into Pfsense > >>> or can I use Snorby ??? > >>> > >>> Thanks again, > >>> > >>> Roberto > >>> > >>> Thanks again, > >>> > >>> Roberto > >>> > >>> > >>> > >>> 2014-09-29 14:37 GMT-03:00 Ivo Tonev <i...@tonev.pro.br>: > >>> > Use suricata > >>> > > >>> > On Sep 29, 2014 2:27 PM, "Roberto Carna" <robertocarn...@gmail.com> > >>> > wrote: > >>> >> > >>> >> Dear, I need to know if it's possible to setup Pfsense with Snort to > >>> >> get an IPS (Intrusion Prevention System), and in this case what is > the > >>> >> graphical interface used to view events and dropped traffic. > >>> >> > >>> >> Thanks a lot, > >>> >> > >>> >> Roberto > >>> >> _______________________________________________ > >>> >> List mailing list > >>> >> List@lists.pfsense.org > >>> >> https://lists.pfsense.org/mailman/listinfo/list > >>> > > >>> > > >>> > _______________________________________________ > >>> > List mailing list > >>> > List@lists.pfsense.org > >>> > https://lists.pfsense.org/mailman/listinfo/list > >>> _______________________________________________ > >>> List mailing list > >>> List@lists.pfsense.org > >>> https://lists.pfsense.org/mailman/listinfo/list > >> > >> > >> > >> _______________________________________________ > >> List mailing list > >> List@lists.pfsense.org > >> https://lists.pfsense.org/mailman/listinfo/list > > _______________________________________________ > > List mailing list > > List@lists.pfsense.org > > https://lists.pfsense.org/mailman/listinfo/list > > > > _______________________________________________ > > List mailing list > > List@lists.pfsense.org > > https://lists.pfsense.org/mailman/listinfo/list > _______________________________________________ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
