Tips on Network Hardware from Snort-Inline Mailing List
I'm trying to figure out if it's possible to build a FreeBSD-based filtering bridge running Snort-inline.
I submitted this question to see if anyone has FreeBSD and Snort-inline working. I just got this response from Alex Dupre:
"The bridge doesn't support the divert socket and will not support it. We are working on a different approach to use snort in inline mode on a bridge, but there isn't an ETA (surely not soon)."
While perusing the snort-inline-users mailing list I found this thread. It pointed me to makers of interesting network equipment. Emerging Technologies makes multi-port failover cards like the 2 port NIC pictured above.
Shore Microsystems also makes failover devices, except these are independent appliances like the SM-2500.
I have no personal experience with these devices, but the posters in the snort-inline list seemed to like them. I note them here as a reference in the event I may need a similar product in the future.
I'm considering buying a Cyclades-TS100 remote access device. AcmeMicro sells them for a little more than $300. I'd like to have remote access via either Ethernet or dial-up.
Update: Scott Bald of Shore Microsystems asked me to mention newer products which exceed the features of the SM 2500 mentioned above, specifically the SM 2501 and the SM 2512.
I submitted this question to see if anyone has FreeBSD and Snort-inline working. I just got this response from Alex Dupre:
"The bridge doesn't support the divert socket and will not support it. We are working on a different approach to use snort in inline mode on a bridge, but there isn't an ETA (surely not soon)."
While perusing the snort-inline-users mailing list I found this thread. It pointed me to makers of interesting network equipment. Emerging Technologies makes multi-port failover cards like the 2 port NIC pictured above.
Shore Microsystems also makes failover devices, except these are independent appliances like the SM-2500.
I have no personal experience with these devices, but the posters in the snort-inline list seemed to like them. I note them here as a reference in the event I may need a similar product in the future.
I'm considering buying a Cyclades-TS100 remote access device. AcmeMicro sells them for a little more than $300. I'd like to have remote access via either Ethernet or dial-up.
Update: Scott Bald of Shore Microsystems asked me to mention newer products which exceed the features of the SM 2500 mentioned above, specifically the SM 2501 and the SM 2512.