N00b Inquiry

  • I'd like an IDS on my LAN. I am assuming I would want pfSense and Snort to sit between my modem and my wireless router. I assume the system I build should have two nics that will monitor the traffic. Does that sound right?

    Also, I've seen some diagrams and it shows Snort going from a modem to a hub and the LAN also on that hub. I don't want to use a hub b/c of half duplex. While I consider building the IDS can I just attached a computer to my switch that will run pfSense & Snort?

  • The simplest thing is plug your modem into 1 Ethernet and your LAN into another one and enable snort. You could use LAN's but you will need a managed switch which isn't over easy unless you know what your doing.

Log in to reply