Just to make this clear (besides the technical differences between IDS/IPS), the snort package optionally can block (it's a checkbox).
Holger > -----Original Message----- > From: Scott Ullrich [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 05, 2006 10:23 PM > To: discussion@pfsense.com > Subject: Re: [pfSense-discussion] IDS yet? > > > On 10/5/06, Chris Godwin <[EMAIL PROTECTED]> wrote: > > Am I correct about Snort being able to block as well as > detect? Isn't > > this IDS/IPS, not just IDS. > > It is a delayed IDS. Generally an IPS hooks into the network stack > directly and does not allow the traffic to pass through until its > scanned. > > This is the counter of that, where a packet may be let through and > then a block rule is added 50ms later, etc. > > Scott >
