
psad as an intrusion detection system for Merlin?

Marko Polo

Senior Member
Recently I learned about a utility called psad, which analyzes iptables logs and detects/prevents intrusions and suspicious activity in real time. Is it worth installing it locally on the router as a security solution, and has anybody ever had such experience? Just out of curiosity.
Psad's reports and visualization seem decent to me, and it is a long-proven, reputable solution. Fail2ban is good too, but it seems to me they have different application areas and can complement each other.
 
No experience with psad, but I'm currently looking into three different options (still researching to see which is best for IDS/IPS and my needs).

Option 1 - Home Monitoring w/ Splunk (Asus router)

Option 2 - BriarIDS, runs on a Raspberry Pi

Option 3 - Incorporate both depending on the lag time from the load

Hope this helps
 
Have you looked at Snort IPS?
Originally I was looking into BriarIDS since it's able to run on a RP3, but there aren't any alert settings for email or phone. My end game is to get the hardware needed to set up Security Onion, but until then I'm just looking for something simple with alerts via email or text. Until I gain some more networking knowledge anyways.

I've heard of Snort but haven't looked into it much. I'll give it a more in-depth look to see if it fits my needs, thanks!
 
