[Discuss] running Snort on a consumer-grade router
Tom Metro
tmetro-blu at vl.com
Wed Jan 18 18:27:52 EST 2012
Dan Ritter wrote:
> Running Snort at home doesn't seem to have brought me much advantage
> over my reasonably paranoid firewalling; I will probably drop it.
I generally like belt and suspender systems. Trust, but verify.
What bugs me about LANs is that there is no easy way to visualize the
traffic, and spot when rogue traffic is present.
I'd like to have some mechanism - ideally as independent from the router
as possible - that can be used to detect unexpected packet traffic and
trigger an alert, so if the router has a bug or misconfiguration, the
problem can be spotted.
There's also a curiosity factor in seeing reports of what attacks are
happening against the router, which the router is successfully fending
off. That can be interesting, but generally just amounts to useless noise.
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
More information about the Discuss
mailing list