What does portsentry and snort do and where can I get them?
-----Original Message-----
From: Bill Carlson [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 18, 2000 8:26 AM
To:
Subject: Re: OT: Cisco 2524
On Mon, 17 Apr 2000, Graham Hemmings wrote:
> Linux is great as a firewall but only does packet filtering - correct me
if
> I'm wrong - I'm sure someone will.
> The standard IOS that comes with Cisco routers can only do basic filtering
> (in terms of firewalls), I would recommend using the firewall IOS (the
> extra RAM would be useful) which has some stateful inspection features
that
> are more secure.
The nice thing about using Linux as a firewall is you can add software as
you go. So if you feel the need to go beyond packet filtering, you can
start using tools like portsentry and snort. Not to mention have the
firewall email or page when there is a problem. The options are pretty
much limitless, where with Cisco you are pretty much stuck with what IOS
does or Cisco will sell you.
Personally, given some of the history with IOS, I'd rather use an open
source product (yes, I know IOS is completely secure and stable...until it
isn't).
$.02
Bill Carlson
------------
Systems Programmer [EMAIL PROTECTED] | Opinions are mine,
Virtual Hospital http://www.vh.org/ | not my employer's.
University of Iowa Hospitals and Clinics |
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
