i setup my oinkcode and ive been looking through the options on ipfire intrusion prevention settings. i was wondering about all these identical rules
- is it ok to select identical ruels?
- what does it mean when the listed rules are identical?
- is it more secure to have all of an identical rule selected in the intrusion prevention system?
i realize it might take up more resources on my ip fire installation to have more rules checked but im not worried
my setup is a static IP provided by Shaw Business with the dns set to google’s dns,
connected to ipfire core 141 (updated from 139)
running on a HP Z400 workstation enhanced with a industrial intel dual gigabit lan card (red), an intel turbo memory booster x2 realtek gigabit lan cards, 16 GB of high speed ram
connected to a 5g TPlink wireless router.
my IPS only uses about 500MB of ram and i cant even see how much CPU time its using