hi all, i have deployed pfsense since its earliest versions and it has simply proven to be one of the best pieces of software that i have ever used. i have had several calls now from clients asking me questions about network security in light articles like this one:
http://finance.yahoo.com/news/Report-Global-cyberattack-apf-4118716199.html and the obvious question is how to protect a network against such an attack. assuming that i have configured pfsense correctly and that i have an additional firewall on my servers, and that i have tcpwrappers and selinux running, what else can one do? i am aware of snort, etc, but these attacks appear to be related to specially crafted e-mails that infect the workstation (unbeknownst to the antivirus) and start accessing and sending files over the wire on legitimate ports. other than snort, are they things that i should be doing (most notably inbound lan rules) in order to defend against threats? many thanks m
