Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] running Snort on a consumer-grade router



Dan Ritter wrote:
> Running Snort at home doesn't seem to have brought me much advantage
> over my reasonably paranoid firewalling; I will probably drop it.

I generally like belt and suspender systems. Trust, but verify.

What bugs me about LANs is that there is no easy way to visualize the
traffic, and spot when rogue traffic is present.

I'd like to have some mechanism - ideally as independent from the router
as possible - that can be used to detect unexpected packet traffic and
trigger an alert, so if the router has a bug or misconfiguration, the
problem can be spotted.

There's also a curiosity factor in seeing reports of what attacks are
happening against the router, which the router is successfully fending
off. That can be interesting, but generally just amounts to useless noise.

 -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org