Home page logo

basics logo Security Basics mailing list archives

RE: Suggestions Needed
From: Adam Shephard <adams () firstfederalbanking com>
Date: Tue, 25 Feb 2003 14:31:01 -0500

I ran Smoothwall, then IPCop on my network at home for about a year. I
recently switched over to an OpenBSD box running pf. I am much happier with
the OpenBSD box.

Considering it's a home network, Smoothwall/IPCop were fine. I had a couple
of nagging doubts, though. One being the fact that all ports above 1024 were
open and the other being the concept of having other things (IDS & VPN) on
the same box as my firewall. Depending on who I asked, those things were
either "not a problem", "a gaping hole" or "could be good, could be bad,
depending on what you're doing". I had a long weekend with some free time so
I thought I'd try pf. 

The thing that has made me happiest are the results when I scan the firewall
from the outside. While Smoothwall/IPCop looked pretty solid, I always saw
things I could do to tighten them. When I scan the pf box, it doesn't seem
to exist.

Invisibility always seems to ease paranoia.

-----Original Message-----
From: Justyn [mailto:dragon () dlance com]
Sent: Tuesday, February 25, 2003 12:55 AM
To: security-basics () securityfocus com
Subject: Suggestions Needed

I'm a home user rather new to firewalls. I have a spare pc I 
want to use 
as a firewall machine for our local lan of 2 workstations 
w/cable modem. 
I'm wanting a linux/unix flavor os for the firewall system. 
Would I be 
better off using a stripped down os that is tailored for firewall 
machines or something like redhat/freebsd? Would would anyone 
as a starting place to learn.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]