Replacing IPcop with pfsense



  • Hi all,

    Hoping this is the right forum, but not sure, please correct me when I'm wrong.

    I'm running into limitations of our IPcop firewall. That's why I'm planning on replacing it with a new box (new hardware) and propably pfSense.

    To make the transition a smooth as possible, and therefore start with the same setup as the IPcop and work up from there. The rules which should be setup seem easy (only blocking all inbound, and allowing LAN to DMZ). But as I understand it, an intrusion detection is very important (in IPcop SNORT). How do I set this up on pfSense?

    Am I forgetting something?



  • Go to "system" then "Packages"…

    Then Install it.  ;D

    From that page...
    Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.

    I found a donor computer to play with when I first got PFSense up and running so I could learn it...  That would be what I recommend...

    Good Luck!    ;)



  • Lots of info on snort in the packages forum.http://forum.pfsense.org/index.php/board,15.0.html


Log in to reply