Jump to content
Hak5 Forums

Recommended Posts

Anybody use Snort?

I consulting on a business that has limited resources so i am looking to cut some cost, as most of the funds were spent upgraded their end user hardware and migrating necessary software to a cloud solution.  They are currently using their firewall to do everything routing, DHCP, IDS, VPN and overall network management.  A lot of those features require licences yearly, while i have already managed to repurpose some of their switches for internal routing and network management and used one of the left over servers for a DHCP server.  I wanted to see if snort would be a viable solution for IDS  so that they could have active live alerts not just someone checking the firewall.



Share this post

Link to post
Share on other sites

Snort is only going to be able to detect what is sent at it's IP or if it is set up as a network tap what is sent at the IP it is between.  PFSense is another viable firewall that lets you see activity.  Snort itself is not going to monitor the entire network though.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.