Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Clearing disk

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    26 Posts 4 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      ILIKENETGATE @JohnKaul
      last edited by

      @JohnKaul No I did read the article. My comment about the datedness of it was that haven't these two leapfrogged each other over the past 6 years since they were both tested. Snort seemed interesting to me with it's $30 a year subscription that helps pay for what they do. Playing devil's advocate, what's wrong using both? It seems my 3100 is keeping up with it and computers are speedy when browsing. Go easy on me as I'm a newby and want learn...

      J I 2 Replies Last reply Reply Quote 0
      • J
        JohnKaul @ILIKENETGATE
        last edited by

        @ILIKENETGATE, I'm a newbie too. If the 3100 has more then one core, just run Suricata. But before you turn it on, establish what you want to do with it -i.e. monitor certain aspects of your infrastructure or etc. The point behind them both/either is that you need to check your logs. You use the tool to keep an eye on your setup and make improvements (it is not a "turn it on to keep me safe" thing, per se).

        I know nothing, other then a very, very high-level overview of these types of tool(s)--because I hate this hardware and network stuff--so, I'd do a lot of reading if I were you (take what I say with a grain of salt). And if I'm honest, I have a friend--into this network security stuff--who's been urging me down a certain path but what he wants to do will require me to actually do some work, so I'm here only because I'm researching an easy way out. ...I want to just buy a thin client and install OpenBSD on it for my firewall.

        I 1 Reply Last reply Reply Quote 0
        • I
          ILIKENETGATE @ILIKENETGATE
          last edited by

          @ILIKENETGATE Another question. So it looks like reading the article again that Suricata is better overall. I caught a sentence in there that Suricata gleans it's beginnings from Snort's initial work. So does the data that Snort gathers NIDS wise and releases every 30 days in the form of updates, and my $30 a year subscription, work on Suricata if so I'll kill Snort?

          1 Reply Last reply Reply Quote 0
          • I
            ILIKENETGATE @JohnKaul
            last edited by

            @JohnKaul Thanks John for your candor...so we'll learn together. Sure wish this was as easy as "turn it on to keep me safe"...

            1 Reply Last reply Reply Quote 0
            • J
              JohnKaul
              last edited by

              You have to pay for snort? I wouldn't pay for anything like that; if Suricata is free, go with it.

              @ILIKENETGATE said in Clearing disk:

              @JohnKaul Thanks John for your candor...so we'll learn together. Sure wish this was as easy as "turn it on to keep me safe"...

              Sure! Me too (and that's why I'm here hanging with you guys, for the moment). I'm more of a SSH/CLI guy (the /var/log discussion above) so you're going to yell at me bit when it comes down to management.

              I 1 Reply Last reply Reply Quote 0
              • I
                ILIKENETGATE @JohnKaul
                last edited by

                @JohnKaul No it would take much more than SSH for me to get mad :)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.