Tips on Network Hardware from Snort-Inline Mailing List

I'm trying to figure out if it's possible to build a FreeBSD-based filtering bridge running Snort-inline.

I submitted this question to see if anyone has FreeBSD and Snort-inline working. I just got this response from Alex Dupre:

"The bridge doesn't support the divert socket and will not support it. We are working on a different approach to use snort in inline mode on a bridge, but there isn't an ETA (surely not soon)."

While perusing the snort-inline-users mailing list I found this thread. It pointed me to makers of interesting network equipment. Emerging Technologies makes multi-port failover cards like the 2 port NIC pictured above.

Shore Microsystems also makes failover devices, except these are independent appliances like the SM-2500.

I have no personal experience with these devices, but the posters in the snort-inline list seemed to like them. I note them here as a reference in the event I may need a similar product in the future.

I'm considering buying a Cyclades-TS100 remote access device. AcmeMicro sells them for a little more than $300. I'd like to have remote access via either Ethernet or dial-up.

Update: Scott Bald of Shore Microsystems asked me to mention newer products which exceed the features of the SM 2500 mentioned above, specifically the SM 2501 and the SM 2512.

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics