On Tue, Dec 10, 2013 at 2:38 PM, David Miller <[email protected]>wrote:
> Quick capability question from those in the know…. > > > Does pfsense offer any kind of adaptive filtering? > > Specifically, can it: > > Tell that it’s under attack and block all packets from the attacking > source for some period of time? > Get a list of signatures to block on the way in (as in virus > scanning). > > > TIA, > > — David > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > First question, what's an attack? your pfsense box doesn't know. Snort is a package that can be installed to define the attacks and take action based on the request. get the paid snort.org version(cheap) and it will give you up-to-date rules. Otherwise I think it's a week or two behind in definitions. https://doc.pfsense.org/index.php/Setup_Snort_Package#Select_what_types_of_rules_you_want_protecting_your_network After you have installed and tested it, THEN worry about the CPU/RAM/disk overhead.
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
