View Single Post
  #4   (View Single Post)  
Old 3rd July 2008
ai-danno's Avatar
ai-danno ai-danno is offline
Spam Deminer
 
Join Date: May 2008
Location: Boca Raton, Florida
Posts: 284
Default

Quote:
Originally Posted by robbak View Post
You are on a looser if you want to block all p2p.
Um, if you are going to insult someone, at least do it with words you know how to spell... wow.

And BTW, with some well-written snort rules, you can block p2p traffic. So maybe it's you who's the 'looser'.

Personally, though, I wouldn't use monowall or pfsense until I had a firm grasp of the underlying technologies they use. Grabbing one of those security platforms is great, but if you don't know what makes them tick you will be the constant support slut on the mailing lists and forums, and your level of expectation will be constantly shot down.

So learn how PF works. Learn how snort works (and in which cases it's good and not-so-good.) Learn about BASE, and MRTG, and Cacti... actually educate yourself on the tools of the trade... before you pick one of those open-source platforms.

At a job we picked Astaro as a commercial firewall/IPS solution. It's not free, but it's menu/admin system is decent. Problem is, if we didn't know how to operate the underlying open-source apps it strings together behind it's glossy front-end, we'd be up the creek without a paddle a long time ago.

Go figure... actually knowing what you're doing can pay off. Huh.
__________________
Network Firefighter
Reply With Quote