Has anyone here ever tried using Snort as a firewall,
particularly on a
Windows box? I was toying around with the idea of using it as a
firewall for my laptop (not an enterprise).
From what I've read, a couple people have tried, but most
people were of
the opinion to use Snort as an IDS, and have a separate firewall.
If anyone has done it, do you recommend it? Why/why not?
For those who are against using it as a firewall, again, why?
I have not had any experience using Snort as a firewall on a Windows
box, but have used this in an enterprise
environment with varied results.
I guess the arguments for and against would be not limited to Snort -
but would become a discussion on the pros and
cons of having a firewall log everything for analysis over a firewall
that runs IDS software. This I believe will be more of
a judgement call as opposed to one method being better than another.
--
Shaineel Singh
MakePeace Media LTD
http://mpm.org.au/shsingh
This communication, including any attachments, is confidential. If you are not
the intended recipient, you should not read it - please contact me immediately,
destroy it, and do not copy or use any part of this communication or disclose
anything about it.
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
