Re: [m0n0wall] m0n0snort

From:	"Adriel T. Desuatels" <adriel at netragard dot com>
To:	Sven Brill <madde at gmx dot net>
Cc:	m0n0wall List <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] m0n0snort
Date:	Wed, 14 Feb 2007 14:28:27 -0500

Sven, 
    Simple, there is demand for such an appliance.


On 2/14/07 2:26 PM, "Sven Brill" <madde at gmx dot net> wrote:

> Adriel T. Desuatels wrote:
>> Greetings list, 
>>     Is there any intention of creating a monowall + snort image? I realize
>> that the image would need to run on a PC instead of the soekris like systems
>> because of memory/cpu requirements, but does one even exist?
>> 
>>   
> I doubt that will ever happen, as that is not what m0n0wall was designed
> for. Periodically, there are questions on the list to add functionality
> to m0n0wall that don't have much to do with its core purpose -
> firewalling. Most of these requests are either for squid proxy or other
> such things, but I guess the answer is the same for snort - m0n0 is a
> firewall for embedded systems, and does the job well. If it gets bloated
> with all these things, it probably won't do any of the jobs so well anymore.
> 
> And honestly, don't put all your eggs in one basket - let the firewall
> do the firewalling, and let one or more snort sensor(s) sniff the
> wire(s) and a central box do the reporting. Why would you want it in the
> same box?
> 
> Sven

-- 

Regards, 
    Adriel T. Desautels
    Chief Technology Officer - Netragard, LLC
    Office: 617-924-4510 || Mobile : 857-636-8882
    http://www.linkedin.com/pub/1/118/a45
    http://www.netragard.com
    -------------------------
    "We make IT secure."