PfSense newbie looking for advice

latheesan

Hi Everyone.

Let me start by saying, thanks for this wonderful project.

I run a small cPanel hosting service and I am trying to address the issue with SYN/Sppofed-SYN attacks we've been getting lately on our server.
First of all, can pfSense + SNORT module help with stopping SYN/SSYN attacks? To what extent?

All the DOS/DDOS filtered dedicated hosting is too expensive (the goods ones anyway), so I was planning on investing on a new server and set it up like this (I am complete newbie with pfSense with some knowledge about networking - enough to get by). I was wondering if this setup would work?

The Server

e3 Xeon 1230
4 Cores 8 Threads
16GB RAM
1+TB HD/120+GB SSD
1Gbps Port

The Setup

I will be using XEN Hyper-V (http://xen.org/products/xenhyp.html) and on the server, there will be two VPS:

1. pfSense VPS
2. cPanel VPS (running VPS Optimised cPanel)

Some questions I had (for now)

• Would I be able to use one VPS to filter the traffic and pass it onto the other VPS running cPanel?

• Is there any limitation with one NIC on the physical server? Will I need more?

chpalmer

Im no means in any way an expert but will link CMB from another thread:

http://forum.pfsense.org/index.php/topic,51238.0.html