What's new

Build Your Own IDS Firewall With PFSense

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

firewall---->proxy---->network

There are two kinds of proxies. Your company uses a forward proxy to limit where your employees are permitted to surf. ISPs use proxies to limit the options that their members have. They don't limit destination web sites (although they could exclude known porn sites), but they limit their members to HTTP and FTP. This limits some of their hacking options. Also, the queries to the remote web sites appear to be coming from the proxy instead of from the individuals user's terminal because the proxy masks the user address by replacing it with its own.

I know what a proxy is, thanks.

The question I had, was a contextual one, what does the non-sequitur of "firewall---->proxy---->network" have to do with this thread? How does it further any understanding? Relate in some way to pfSense, ClearOS, Intrusion Detection, Snort, or a big honking machine running a router distro in overkill?
 
I know what a proxy is, thanks.

The question I had, was a contextual one, what does the non-sequitur of "firewall---->proxy---->network" have to do with this thread? How does it further any understanding? Relate in some way to pfSense, ClearOS, Intrusion Detection, Snort, or a big honking machine running a router distro in overkill?

Its added security almost for nothing simple
 
I liked the article and used it in part to set up my router... But I guess I did a pretty big no no as well as far as how i set up everything. I built a low power server, duel core I3, and loaded ESXi 5 on it, and the pfsence for firewall, a zfs server based on zfs/open indinana with 9tb of storage, and a few other os's to play with. I am looking for a good software to run dnla server on to server movies to everything on my network.
 
It depend how snort is set up if it acctually drops the packages.
I prefer smootwall express, but to block something wich snort gives an alert for
an addon is required. Snort with guardian drops the packages, and when it comes to snort you have to tweak but you do it only once.

I know there is a lot of false/positive alerts as in a home network is different from a corporate as snort is ment for.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top