Netgate SG-1000 microFirewall

Author Topic: Replacing IPcop with pfsense  (Read 2078 times)

0 Members and 1 Guest are viewing this topic.

0059099

  • Guest
Replacing IPcop with pfsense
« on: June 24, 2008, 04:07:06 pm »
Hi all,

Hoping this is the right forum, but not sure, please correct me when I'm wrong.

I'm running into limitations of our IPcop firewall. That's why I'm planning on replacing it with a new box (new hardware) and propably pfSense.

To make the transition a smooth as possible, and therefore start with the same setup as the IPcop and work up from there. The rules which should be setup seem easy (only blocking all inbound, and allowing LAN to DMZ). But as I understand it, an intrusion detection is very important (in IPcop SNORT). How do I set this up on pfSense?

Am I forgetting something?

Offline chpalmer

  • Hero Member
  • *****
  • Posts: 1790
  • Karma: +93/-3
    • View Profile
    • Home of Cablenut
Re: Replacing IPcop with pfsense
« Reply #1 on: June 24, 2008, 08:32:04 pm »

Go to "system" then "Packages"...

Then Install it.   ;D

From that page...
Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.

I found a donor computer to play with when I first got PFSense up and running so I could learn it...  That would be what I recommend...


Good Luck!    ;)
P.S. statements made by me are not necessarily condoned by the management of this fine organization.  http://badmodems.com

Online mhab12

  • Hero Member
  • *****
  • Posts: 694
  • Karma: +7/-0
    • View Profile
Re: Replacing IPcop with pfsense
« Reply #2 on: June 25, 2008, 09:32:26 am »
Lots of info on snort in the packages forum.http://forum.pfsense.org/index.php/board,15.0.html