Security Basics mailing list archives
Re: Snort as Firewall (WinXP)
From: Kenton Smith <listsks () yahoo ca>
Date: Mon, 23 Jan 2006 16:05:31 -0500 (EST)
Well I'm certainly of the opinion that Snort is an IDS, particularly on a Windows machine. My understanding of anykind of "firewalling" that can be done with Snort has to be done using IPTables/Netfilter. Without knowing your reasoning, I think you're setting yourself up for much poorer security by choosing to use a product that isn't a firewall when there are perfectly good firewall products available. Kenton ------- Original Message ------ Date: Sun, 22 Jan 2006 07:56:12 +0530 From:"Neil" <neil () voidfx net> To:security-basics () securityfocus com Subject: Snort as Firewall (WinXP) Has anyone here ever tried using Snort as a firewall, particularly on a Windows box? I was toying around with the idea of using it as a firewall for my laptop (not an enterprise).
From what I've read, a couple people have tried, but
most people were of the opinion to use Snort as an IDS, and have a separate firewall. If anyone has done it, do you recommend it? Why/why not? For those who are against using it as a firewall, again, why? Thanks for the input. -- Neil. http://voidfx.net "Lord, grant me the strength to accept the things I cannot change, the courage to try to change the things I can, and the wisdom to hide the bodies of the people I had to kill because they pissed me off." --Anonymous --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- __________________________________________________________ Find your next car at http://autos.yahoo.ca --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Snort as Firewall (WinXP) Neil (Jan 23)
- Re: Snort as Firewall (WinXP) coder (Jan 24)
- Re: Snort as Firewall (WinXP) shrek-m () gmx de (Jan 25)
- Re: Snort as Firewall (WinXP) coder (Jan 26)
- Re: Snort as Firewall (WinXP) Neil (Jan 30)
- Re: Snort as Firewall (WinXP) Tony Barry (Jan 30)
- Re: Snort as Firewall (WinXP) coder (Jan 26)
- <Possible follow-ups>
- RE: Snort as Firewall (WinXP) Shain Singh (Jan 24)
- Re: Snort as Firewall (WinXP) Kenton Smith (Jan 24)