mailing list archives
RE: Suggestions Needed
From: Adam Shephard <adams () firstfederalbanking com>
Date: Tue, 25 Feb 2003 14:31:01 -0500
I ran Smoothwall, then IPCop on my network at home for about a year. I
recently switched over to an OpenBSD box running pf. I am much happier with
the OpenBSD box.
Considering it's a home network, Smoothwall/IPCop were fine. I had a couple
of nagging doubts, though. One being the fact that all ports above 1024 were
open and the other being the concept of having other things (IDS & VPN) on
the same box as my firewall. Depending on who I asked, those things were
either "not a problem", "a gaping hole" or "could be good, could be bad,
depending on what you're doing". I had a long weekend with some free time so
I thought I'd try pf.
The thing that has made me happiest are the results when I scan the firewall
from the outside. While Smoothwall/IPCop looked pretty solid, I always saw
things I could do to tighten them. When I scan the pf box, it doesn't seem
Invisibility always seems to ease paranoia.
From: Justyn [mailto:dragon () dlance com]
Sent: Tuesday, February 25, 2003 12:55 AM
To: security-basics () securityfocus com
Subject: Suggestions Needed
I'm a home user rather new to firewalls. I have a spare pc I
want to use
as a firewall machine for our local lan of 2 workstations
I'm wanting a linux/unix flavor os for the firewall system.
Would I be
better off using a stripped down os that is tailored for firewall
machines or something like redhat/freebsd? Would would anyone
as a starting place to learn.
- RE: Suggestions Needed, (continued)