What packages do you use to secure your network?

JustinHoMi

Just curious what steps everyone here uses to secure their network.

Right now I'm using Snort, HAVP, and Country Block. There are a few other packages that I'm considering using (more blacklists), but not sure if they're worth it. As it is now, I get a lot of false positives, but still have plenty of bad traffic (viruses) making it's way through.

Anyways… how is your network secured?

Justin

XIII

Im going to assume just packages on PF as thats all you listed

Snort- no blocking as on one system it likes to block itself, just lets me know about the malicious traffic
Squid- speed up Internet, also can prove who did what if accused of something because of the http logs
Country Block-I block country's I dont like in and out
Cron- i run clamav, other stuff listed there is standard or required by a package
dashboard-see everything at a glance
phpSysInfo- see how components are doing
nut-so it turns off gracefully
ntop/darkstat-mostly for statistics and future planning
nmap-basic scanning from fw, for more basic i use a diff system