Just installed the 7.470 ISO from scratch and followed the wizard to set up everything. In intrusion prevention I checked everything. However none of the flood protection is active. Also anti port scan is not active by default[:S]
Any newbie setting up a firewall is going to test port scan first thing when testing his firewall and will be disappointed to find out that his new firewall is not blocking port scan at all while his supposed IPS is blocking thousands of attacks. Also most tests against firewalls are done in default configurations, if you enabled everything in the wizard, how come the firewall is still vulnerable to flood protection and portscan attacks?
I realise that in the wizard you are strictly dealing with snort but even at that a firewall with port scan protection turned off? Not good.
