From owner-freebsd-chat@freebsd.org Thu May 31 10:13:50 2018 Return-Path: Delivered-To: freebsd-chat@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 06984EFD19C for ; Thu, 31 May 2018 10:13:50 +0000 (UTC) (envelope-from tdteoenming@gmail.com) Received: from mail-yb0-x244.google.com (mail-yb0-x244.google.com [IPv6:2607:f8b0:4002:c09::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8BF2C7C105 for ; Thu, 31 May 2018 10:13:49 +0000 (UTC) (envelope-from tdteoenming@gmail.com) Received: by mail-yb0-x244.google.com with SMTP id i1-v6so7405211ybe.1 for ; Thu, 31 May 2018 03:13:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=/9YAXReHcIZ1vT91pp8R+H25j/CSZ+AmhwNU+TEmLeo=; b=o0HCGqW0OiH9EgVMdo2igopfTeiRzIr0cJzEes6FsrRUmjH8ASLLvHegWLjMBJM33N njrvb/5YjsedxrbtA+/kwK460pSSJXNlvlnJnPC5Z4EOkR4il62+809Fu/liQcnCDL7j nJ5yS6hgCNBOS3mKpy9elX2KTlb3yhDj1KedlaF66tA1pg+RRGUl8VYP3v0LU+iAxSqo mD6ZwvRXsfukX8y94RMZhLm3BMluHiQDrRych53EdetIqhseS9kU1WUVcVY94XQdk/Ac cOkkolx0l8OBRXWX5hwMoZPg+tXsfXXlzB5SnjFBm7wRp9Qp3pkGxa/5dfrV0F+Iy3Ap c1vQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=/9YAXReHcIZ1vT91pp8R+H25j/CSZ+AmhwNU+TEmLeo=; b=Yj8l26/NvF5xMA9hqK+3PPbteDyZ2E3h3iAk2mNgrS4tI9WuNGS76zJ8ThGGwkl+K6 vaI+2zMVfMDBVFZOnrt+H80gN8eUywOoQalVRWDD8q2lCCOsqQaTlokwhIUYVrpiCPBt ew0paW82L49+VbcxwlVkQ/2lOTeBr1Eccl9SWiI+UgtzMqxpitlVYY4r5FzmeGbcqHba SoFAe3mCEQB1gBDqD5sNIchmVfJIddHyyyAU/Bib1r6QlInzNvVqcEF6/3ewZO78gNn7 HaTlYUEDUykKenXrAUMhjbkdfDmi6hn7m+NnGrYa171twwxnT7pKRkiKWZPXYNRKDNFd BDuw== X-Gm-Message-State: ALKqPwffVtpUTZU6l2bFZhwmmVnRGO9PSdS6D1WgEzZr6KYmTk+ymiMp kl/nDmDwelBzp+++0VhRXIPctbbZcfxfYe7ksBDc X-Google-Smtp-Source: ADUXVKLZeb6wlGUVw5/MU+CRw+nspJUjb/NPDeilehXUkgmSBK+iOS/y+PgOjVxpBHJKDcPokwbbkmstr+77BE59iN4= X-Received: by 2002:a25:30d4:: with SMTP id w203-v6mr3439223ybw.357.1527761628765; Thu, 31 May 2018 03:13:48 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:cb42:0:0:0:0:0 with HTTP; Thu, 31 May 2018 03:13:48 -0700 (PDT) From: Turritopsis Dohrnii Teo En Ming Date: Thu, 31 May 2018 18:13:48 +0800 Message-ID: Subject: Is pfSense the Best Open Source Firewall/IDS/IPS in the World? To: freebsd-chat@freebsd.org Cc: Turritopsis Dohrnii Teo En Ming Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 May 2018 10:13:50 -0000 Good Afternoon Everybody from Sunny Singapore! Four months ago, somewhere around 17th January 2018, I deployed my very first installation of pfSense firewall Community Edition version 2.4.2 on my 9-year-old home desktop computer (Intel Pentium Dual Core E6300 @ 2.8 GHz, Intel DQ45CB Motherboard, 6 GB RAM and 1 TB SATA Harddisk). More recently, on 25th April 2018, I have upgraded my home-based pfSense network security appliance to Community Edition version 2.4.3. As my primary focus is on Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), I have Snort installed as well. Since 17 Jan 2018, I observed that I have been getting very few and trivial Snort intrusion alerts. To my horror, I discovered that I did not enable all the Snort rules for all of my network interfaces. That was yesterday, 30th May 2018. Without wasting much time, I had swiftly enabled all the Snort rules for every one of my network interfaces. >From then on, I have been getting more exciting Snort intrusion alerts. My questions are: (1) Is pfSense, coupled with Snort, the best open source firewall/IDS/IPS in the world? (2) Is pfSense on par with commercial network security appliances, including but not limited to Cisco ASA, Cisco Sourcefire, Fortigate, SonicWall, etc? (3) Is Snort able to detect malware and ransomware before they reach the endpoints? Seems like Emerging Threats Pro (ET Pro) signatures at proofpoint.com are able to. How much are you required to pay for these signatures? (4) Where can I get quality guidance on configuring Snort in pfSense? I have searched Amazon AWS Cloud Marketplace and Microsoft Azure Cloud Marketplace. Only pfSense firewall is listed. I cannot find opnsense firewall anywhere. Same goes for GNS3 network simulator. pfSense firewall is based on FreeBSD 11.1. Please advise. Thank you very much. ===BEGIN SIGNATURE=== Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 30 Oct 2017 [1] https://tdtemcerts.wordpress.com/ [2] http://tdtemcerts.blogspot.sg/ [3] https://www.scribd.com/user/270125049/Teo-En-Ming ===END SIGNATURE=== Time stamp: 31st May 2018 Thursday 6 PM Singapore Time GMT+8 From owner-freebsd-chat@freebsd.org Thu May 31 16:18:57 2018 Return-Path: Delivered-To: freebsd-chat@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ED096EFEEDD for ; Thu, 31 May 2018 16:18:56 +0000 (UTC) (envelope-from nomadlogic@gmail.com) Received: from mail-vk0-x233.google.com (mail-vk0-x233.google.com [IPv6:2607:f8b0:400c:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 81E0270CDB for ; Thu, 31 May 2018 16:18:56 +0000 (UTC) (envelope-from nomadlogic@gmail.com) Received: by mail-vk0-x233.google.com with SMTP id i190-v6so13677272vkd.13 for ; Thu, 31 May 2018 09:18:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=C629TaabbqHDMbIpy1bZc7sIv0aAlXxB3GVB8/G5GbE=; b=doDkBaHHmGxGzzt9v6Hd37r7IqdF414eENwW/Uw1qdOxQ9MYqH8v0zYXUk5z+wjEyT mtVykHPDBeqg/Hu3w9SQGftG8AKXc5XCjecYFezBvlzGcIsoFX2X24g1sWqS4y3B8W4j 0Wjy9wER0pf4Dlac2BfjtP9+TqeDoTiuwB61W4N/S+/ah+qkrAb+O5Nnamz9A3lI1LOp 1WiuOWB1b0cVxOPrmSjhpcaWKI6EMhzE5WmwWJJlRfu+FR68/Ntjnm6WXqy5oDwft0+R JYuw8n65J68ps6H1ZKZ0DdiQ9pJygEW3Q5Y6n0k64hEzpHqLBTDRzP+ZRkgWTlBmEZRC HeNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=C629TaabbqHDMbIpy1bZc7sIv0aAlXxB3GVB8/G5GbE=; b=boUJ/S6qJTMIOpbNXqnWHLkNGskSSyPSJ0+InbyNWeJ8DFi4ZiwpVZhSfUlwAlxiHG B8wjsXegj1y7D5UtQ95cTREEGk83egWBsKgLeZHM6ddr22Vnasu2P1Flt4wwX435WuF8 S2Gwa1fplz3iEi/l0UiHXsFDl+jJnkPZKEQNxwhaPp5xy7vT82+3p0hua1Nw2xVhWiA8 6T1k34hL0wKOyMwHlKq9b5BqMvxfIHb7wdOVrHnUM6PKaaUX2cH5QYldMA5hNMNQ2877 JcR8cQilcep7v2OT56B9I4YV57iraypVR2f8UiFhFbwb17JIMPDSAKyRC20A4e5VphmA sFBg== X-Gm-Message-State: ALKqPweCJ4FUaxpHPPTsB5H5HqZU1ZOFf1Fira3Qev/0B4FQ92tilOAT L43tmS31UKVq+9xaXqTcYVjf6zc65q4J8TS59AbpPBIl X-Google-Smtp-Source: ADUXVKJxtMr9/t8jI9PLyzuSLjpTZTm9Bez88bweMWO2fhTCkH/h882IqBrTR5XDaYvzslYz7sodBlRFXkZFC6NTG6M= X-Received: by 2002:a1f:bf4c:: with SMTP id p73-v6mr4793740vkf.63.1527783535943; Thu, 31 May 2018 09:18:55 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:ab0:4748:0:0:0:0:0 with HTTP; Thu, 31 May 2018 09:18:55 -0700 (PDT) In-Reply-To: References: From: pete wright Date: Thu, 31 May 2018 09:18:55 -0700 Message-ID: Subject: Re: Is pfSense the Best Open Source Firewall/IDS/IPS in the World? To: Turritopsis Dohrnii Teo En Ming Cc: FreeBSD Chat Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 May 2018 16:18:57 -0000 On Thu, May 31, 2018 at 3:13 AM, Turritopsis Dohrnii Teo En Ming wrote: > Good Afternoon Everybody from Sunny Singapore! > > Four months ago, somewhere around 17th January 2018, I deployed my > very first installation of pfSense firewall Community Edition version > 2.4.2 on my 9-year-old home desktop computer (Intel Pentium Dual Core > E6300 @ 2.8 GHz, Intel DQ45CB Motherboard, 6 GB RAM and 1 TB SATA > Harddisk). this question would be better suited to the pfsense mailing list of BB: https://forum.netgate.com/ pfsense runs freebsd under the hood but is not supported by the freebsd community, so you'll probably get better luck using the above link. -pete -- pete wright www.nycbug.org @nomadlogicLA From owner-freebsd-chat@freebsd.org Thu May 31 19:10:01 2018 Return-Path: Delivered-To: freebsd-chat@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BBA0EFCA48D for ; Thu, 31 May 2018 19:10:01 +0000 (UTC) (envelope-from outsidetheboxllc@gmail.com) Received: from mail-wr0-x235.google.com (mail-wr0-x235.google.com [IPv6:2a00:1450:400c:c0c::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 38B9878A58 for ; Thu, 31 May 2018 19:10:01 +0000 (UTC) (envelope-from outsidetheboxllc@gmail.com) Received: by mail-wr0-x235.google.com with SMTP id l41-v6so34066270wre.7 for ; Thu, 31 May 2018 12:10:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Yzf4ZZAzC4qfoWzN2SDuWRuhYE4sU4BTmS3L4TgfD94=; b=oeXhNJceGj3yki7T+YaR0XSOlHQlmdbMsf4lVZWulBd3PyzJit9yVh/IcuNghkRWtf n7pMSov9cr0ju9RyeVXW2ltucyW5xKOb36QbmsBMqQAPWtaxbN4/xvQinRHVId7KEYTt EE5EKH+Ulu8IM2fwgD29W0h0yELMdSRmOyGBrGG6q5vkI+BxmlerR84fOCZ7sf2ui2GC oP4vTzL7XJkWHtaX7QDsTprStq8IhLL4Nk3nVblPWPETpVsgmcBEBBZ0eMeQ6Dq1xd25 5UsJekW5dAnQzp0Er90xWSrZYPxFjaGpbXcB1uuOOwXIQOBqSZQQ8BslI2BuqBbvUD11 rtXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Yzf4ZZAzC4qfoWzN2SDuWRuhYE4sU4BTmS3L4TgfD94=; b=gSluz0u+PNfozYlV2FeQzXsQiOZt0l5WX8LYUHaL4XTNdyzcmpn6XMZUoEcIXpsRPC i3D15zohTkToODvl5u5rRb1EhYIeifMVr9LaaUWv0yYJLkOs0HyoLSfL6tdgZNPQr4Rf xbF+kHpVQDTlKpsDY+YtZ2dYgKowH6hCRYkylIKHGnoW5acamB3HRQjfnCLQda5SVEYo XZEbhYvICae/6h+YSKXOVYCDHNL/KedamP6wPs8IejftpXUdI9ml68GoKyru7LwRajwr zJoo4OeUB5JNPuyngofe+xMwWV7oei8eOUuDqQGKmf5k0TopWQi4uVob1Rs/x4UEfOza P1HQ== X-Gm-Message-State: ALKqPwcN6zP1pB6jseHls2bqTl+boXx1UrvwBUBSN/HBysOZQVw0ix0O X5YZGW/hx8Iow6Zvy3FNFZ103uF/6ccJFZRwzvo= X-Google-Smtp-Source: ADUXVKK8cMqmwXhAElP1U/NSqOaSNTErgRXSQX1a72xEPOpdgunZ3YPc5AupYEJoemS9Am6EGM92hqoiNkXsApHEzho= X-Received: by 2002:adf:83c6:: with SMTP id 64-v6mr6703349wre.270.1527793800057; Thu, 31 May 2018 12:10:00 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a1c:4406:0:0:0:0:0 with HTTP; Thu, 31 May 2018 12:09:59 -0700 (PDT) In-Reply-To: References: From: Outside_the_Box LLC Date: Thu, 31 May 2018 12:09:59 -0700 Message-ID: Subject: Re: Is pfSense the Best Open Source Firewall/IDS/IPS in the World? To: pete wright Cc: Turritopsis Dohrnii Teo En Ming , FreeBSD Chat Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.26 X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 May 2018 19:10:02 -0000 indeed p.w. ... message ends. __________________ On Thu, May 31, 2018 at 9:18 AM, pete wright wrote: > On Thu, May 31, 2018 at 3:13 AM, Turritopsis Dohrnii Teo En Ming > wrote: > > Good Afternoon Everybody from Sunny Singapore! > > > > Four months ago, somewhere around 17th January 2018, I deployed my > > very first installation of pfSense firewall Community Edition version > > 2.4.2 on my 9-year-old home desktop computer (Intel Pentium Dual Core > > E6300 @ 2.8 GHz, Intel DQ45CB Motherboard, 6 GB RAM and 1 TB SATA > > Harddisk). > > > this question would be better suited to the pfsense mailing list of BB: > > https://forum.netgate.com/ > > pfsense runs freebsd under the hood but is not supported by the > freebsd community, so you'll probably get better luck using the above > link. > > -pete > > > > > -- > pete wright > www.nycbug.org > @nomadlogicLA > _______________________________________________ > freebsd-chat@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-chat > To unsubscribe, send any mail to "freebsd-chat-unsubscribe@freebsd.org" >