I am having to deal with 100s of hacking attempts every day and I am not happy.
Many of the things I sift through per day are scanning attempts for a particular program, such as MS-SQL, IIS or HTTP. And there are others where someone is trying to bypass our perimeter firewall.
We're about to upgrade the server to FreeBSD 5.4 and I was wondering if anyone had some good ideas for an overall IPS?
I know about snort_inline, but I'm not familiar with it... is it good? I'm also aware that snort_inline isn't good enough on its own.
So, does anyone have some tried and tested Intrusion Prevention Systems? As in, an overall strategy?