Snort combined with Windows Firewall ?

Discussion in 'other firewalls' started by Habakuck, Jun 23, 2012.

Thread Status:
Not open for further replies.
  1. Habakuck

    Habakuck Registered Member

    Joined:
    May 24, 2009
    Posts:
    544
    Hi,

    I am thinking about my next security setup and would like to use the Win7 Firewall, managed by http://www.binisoft.org/wfc.php .

    To enhance the network security of my Laptop I would like to combine the both with snort.

    Does that makes sense?

    Has Snort some kind of user interface? Watching some videos, trying to understand what snort delivers I only found cmd commanding which is a little bit confusing for me.

    Looking forward to some good input from you guys,
    Habakuck
     
  2. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    267
    Location:
    Philippines
    Yup, makes sense, try this link, xttp://www.snort.org/assets/151/Installing_Snort_2.8.6.1_on_Windows_7.pdf

    Just replace "x" with "h". Cheers!
     
    Last edited: Jul 5, 2012
  3. I'm actually not sure it makes sense. I don't believe network attacks against PCs are very common, and anyway you can close all your ports with Windows Firewall; Snort IIRC is more for servers, where you have to keep some ports open, and want to prevent attacks against them. Perhaps it could provide protection from worms like Conficker or Stuxnet, but I'm not sure it's worth the performance hit in practice.

    Do take what I say with a grain of salt though; I'm not a network security expert.
     
  4. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,230
    Location:
    Romania
    As a home user, I think you can live without snort without worries. :)
     
  5. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
  6. virtualsecurity

    virtualsecurity Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    7
    Location:
    italy
    use colasoft capsa network analyzer

    you have a lot of data to investigate any possible intruders , firewall is circumvent , you control the connections to ports and protocols used , packet conversation and ip & mac source & destination .
     
  7. ShockWaves

    ShockWaves Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    12
    Location:
    United States
    Only the most 1337 h4x0rz use Snort.
     
  8. virtualsecurity

    virtualsecurity Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    7
    Location:
    italy
    |735|73c7 )
     
  9. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi
    The goal of an IDS is to detect or/and prevent an intrusion by a malware/worm or intruder/hacker from internet to the local host.
    A protocol analyzer like Capsa, Wireshark or Network Miner is to detect signs of host compromissions...
    Reliable security means stopping the threats at the door...once the puma in the farm, it is often too late...
    Once hardening the system, most threats will occur via HTTP...and in this case, trust your antivirus, hips, sniffer or experience.

    Rgds
     
  10. virtualsecurity

    virtualsecurity Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    7
    Location:
    italy
    Hi kareldjag
    I started a week ago to get interested in computer security, i like ,
    so I have no experience , I go to instinct , IPS work to prevent intrusions , and neural networks , through the analysis of databases that describe the attacks as they occur ; or throwing the exploits against themselves in a separate system to see how they work and prevent attacks , but there is no remedy to close the port of entry. the only way is to detect and intervene in individual cases and 'watching real-time packets and logs and monitoring applications and system files. but in a very large network is very difficult and costly.

    but all these software and hardware analysis and prevention are fantastic .
     
  11. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
Loading...
Thread Status:
Not open for further replies.