I'd read that embedded pfsense 1.2.3 was going to have some package support
but I was pleasantly surprised to see snort!
I've always understood Snort on embedded to be a bad idea -- certainly for
the obvious reasons (limited embedded CPU power), but also due to the write
limitations of flash memory. I might venture that my IDS/IPS needs are few.
Essentially All I want is to know (and respond) if anyone's beating on my
SSH & VPN ports. Hopefully I would also be able to blacklist IP's that are
brute-forcing my SIP ports.
I haven't yet played with snort, but I'm wondering if it's reasonable to run
it on an embedded Soekris 5501-70. We have a meager 6 megabit symmetric
DIA pipe. Is it within scope of an embedded system for the 'lite' IDS/IPS
needs I've described?
Pontification welcome!
-Karl
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
