software based firewall recommendation?

[n0cmonkey]

Originally posted by: Brazen
m0n0wall and IPCop, yeah, those are the kind of things I'm looking for. I'll check those two out.

Originally posted by: Boscoh
OpenBSD. It's probably the most secure, open-source free software out there.

If you're going to be setting up any kind of IDS or IPS, understand that you're going to spend a few weeks tuning it so it doesnt block your boss when they go to surf the web. IDS/IPS's really love to block anything the boss does, and they always seem to know who the boss is.

Might want to put the device in monitor-only mode for a while until you have an idea of what is legit and what should be blocked. Then implement on a weekend and simulate everything that your users do before you leave.

Right now, my problem is getting Snort to work period on a Fedora Core router I've set up. That's why I'm trying to find a preconfigured system, like redwall, or m0n0wall.

Snort's cake to setup. What problems are you having?

Plus, that should be run on a seperate machine. Nothing like snort vulnerabilities to kill your firewall.

 

[Brazen]

Originally posted by: n0cmonkey

Snort's cake to setup. What problems are you having?

Plus, that should be run on a seperate machine. Nothing like snort vulnerabilities to kill your firewall.

I don't exactly remember the problems now. It's been a couple weeks. I got it installed, using yum, dak's repository I think (yeah I'm breaking some ground there, installing with yum). I was pretty much lost after that. I think I couldn't get it to start in inline mode.