 From:  "Adriel T. Desautels" <atd at secnetops dot com>
 To:  Ugo Bellavance <ugob at camo dash route dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Re: m0n0wall - Snort ;]
 Date:  Mon, 20 Jun 2005 18:47:30 -0400
No doubt,
    I don't think I ever called m0n0wall a bad product or even hinted that it
was. In fact, I think it's a great product! I was just speaking from experience
and what I feel best practices are.

    As for budget, well, you can implement separate IDS + Firewall for under
$500.00 on a small network if you use freeware and the right hardware. Want me
to post some links for you?



----- Message from ugob at camo dash route dot com ---------
    Date: Mon, 20 Jun 2005 18:26:08 -0400
    From: Ugo Bellavance <ugob at camo dash route dot com>
Reply-To: Ugo Bellavance <ugob at camo dash route dot com>
Subject: [m0n0wall]  Re: m0n0wall - Snort ;]
      To: m0n0wall at lists dot m0n0 dot ch


> Adriel T. Desautels wrote:
>> Also,
>>    By introducing snort into the m0n0wall firewall you're introducing another
>> potential attack vector. If someone is able to compromise your system via a
>> vulnerability in snort (there have been a few good ones) then they have control
>> over all of your traffic. If they have control over your traffic, they also have
>> access to your client data (in theory) and other sensitive data.
>
> I know all of that.  Life is full of compromises.  This would be one.
>
>>
>>    Have you considered checking out a soekris box for m0n0wall? Or perhaps
>> running snort on an internal system and just doing a port mirror? Also, if you
>> don't mind me asking, what sort of small business is this?
>
> The kind of business doesn't really matter.  All that you mentioned
> does increase the total cost.  I didn't say you're wrong, I just said
> that there is no clear-cut answer to this.  m0n0's developers'
> philosophy will dictate the path they'll take, and if people don't
> agree, they'll switch to something else.  This doesn't make m0n0 a
> bad product.  Not at all.
>


----- End message from ugob at camo dash route dot com -----



Regards,
     Adriel T. Desautels
     Secure Network Operations, Inc.
     http://www.secnetops.com
