Home page logo

basics logo Security Basics mailing list archives

Re: Re[2]: suggestions on a good firewall
From: "Jeff" <jeffr76 () yahoo com>
Date: Wed, 21 May 2003 13:45:44 -0400

Hallo Jeff,
am Dienstag, 20. Mai 2003 um 18:35:30 schrieben Sie:

ok I'll bite
Why is Linux or the others in this thread a bad idea as a firewall. I
you would recommend a hardware firewall. does this mean like a linksys
netgear or raptor or one of those type of LINUX based firewall systems.
I have deployed Linux,Cisco, and raptors based firewall and the
difference I
have see is support and cost.
Linux being the less cost and Cisco being the most.
if it was my network and I was making the security policy I would chose
Linux or raptor Cisco is just too much money for a personal or small

First of all, a firewall is a concept and not a machine, so one has to
chose a concept for it. You cannot compare a Cisco Router with Firewall

I did not say Cisco Router with Firewall i said Cisco and ment the PIX line

Feature Set to a Raptor. If one needs a packet filter-like firewall
component, i would always recommend OpenBSD - not Linux, not Cisco or
anything else.
Why? Because OpenBSD is one of the most secure Operating Systems, and
that's one of the most important points when chossing a firewall
component. You need a secure and stable platform. The BSD Unices (all of
them) are such a platform - more secure and more stable than Linux, even
than Cisco IOS.

I would disagree with the assumption the BSD is more secure that Cisco IOS
I would be interested in any facts you might have on the subject tho?

Everyone with rudimental knowledge in Unix-based systems can set up and
maintain such a system, when he or she is willing to read and learn a
bit. It is not as difficult as it may seem...
 the *ixes are not hard at all to learn and maintain

Only exception: A medium to large network with
In that scenario, it may be useful to choose a PIX, for management
there are some great tools for line PIX firewalls line

Disclaimer: I don't want to start the old "BSD vs. Linux" war. Who wants
to use Linux may use it. I like BSD a lot more, regarding security,
performance and stability in not-desktop-systems.
Neither do I :)

[TOFU removed]

Just my 3.141 ?-cents,


Malte von dem Hagen

DocValde () gmx de

Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities-- 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]