Home page logo

basics logo Security Basics mailing list archives

RE: Snort as Firewall (WinXP)
From: "Shain Singh" <Shain.Singh () aapt com au>
Date: Tue, 24 Jan 2006 09:22:52 +1100

Has anyone here ever tried using Snort as a firewall, 
particularly on a
Windows box?  I was toying around with the idea of using it as a
firewall for my laptop (not an enterprise).

From what I've read, a couple people have tried, but most 
people were of
the opinion to use Snort as an IDS, and have a separate firewall.

If anyone has done it, do you recommend it? Why/why not?
For those who are against using it as a firewall, again, why?

I have not had any experience using Snort as a firewall on a Windows
box, but have used this in an enterprise 
environment with varied results.

I guess the arguments for and against would be not limited to Snort -
but would become a discussion on the pros and
cons of having a firewall log everything for analysis over a firewall
that runs IDS software. This I believe will be more of
a judgement call as opposed to one method being better than another.

Shaineel Singh
MakePeace Media LTD

This communication, including any attachments, is confidential. If you are not the intended recipient, you should not 
read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose 
anything about it.

The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]