Getting Started Between Modem and Router
gibran50161 last edited by
This is a general question. I thought it'd be fun to put and IDS between my modem and router, but I was thinking about it. This would probably be pointless because I am going to capture a lot of information that isn't affecting my network because I'm behind my router's firewall. Thoughts? The modem doesn't do any filtering so any traffic hitting my external IP would be captured by the IDS and there is a lot of activity out there that isn't necessarily impacting me.
So I suppose if I really want to use pfSense as an IDS I would also want it to be my firewall so that I can filter/monitor traffic breaking in and out of my LAN. Thoughts for a n00b???
In many ways you want the IDS to see all the traffic hitting the WAN of your firewall. That way the IDS can look for patterns in the hits to match against known attacks etc.