News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: Intrusion Detections
Pages: [1]
Topic: Intrusion Detections  (Read 3149 times)
« on: April 25, 2007, 19:36:27 »
ip4you *
Posts: 2
hello,

have the monowall Intrusion Detections?

best regards
harald
« Reply #1 on: April 26, 2007, 00:45:15 »
cmb *****
Posts: 851
No, m0n0wall is a L2-L4 firewall/router designed for embedded hardware, which generally don't have the resources to be a full blown IDS. That's something that requires much more CPU and RAM than available on such platforms.
« Reply #2 on: April 26, 2007, 23:25:51 »
darklogic *
Posts: 45
Check out pfsense if you are looking for something like snort.
« Reply #3 on: May 13, 2007, 03:55:45 »
falcor *
Posts: 17
Or build a IDS (snort or something) box and span it with the external port of your firewall.  Making a single point of failure, putting all your eggs in one basket, and expecting your firewall to be a Swiss Army Knife network appliance is dangerous if not simply foolish.
« Reply #4 on: May 20, 2007, 07:57:08 »
iMav *
Posts: 17
Quote from: falcor on May 13, 2007, 03:55:45
Or build a IDS (snort or something) box and span it with the external port of your firewall.  Making a single point of failure, putting all your eggs in one basket, and expecting your firewall to be a Swiss Army Knife network appliance is dangerous if not simply foolish.
I don't see how including IDS functionality within your firewall has anything to do with it being a single point of failure.  If you have a single firewall at your perimeter, it IS a single point of failure.  Lack of added services does not change that fact.  Smiley
http://www.uhhh.org/~lherzog/penguin.gif-=iMav=-
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines