Firewalls
-
Do any of you lot use a dedicated firewall of any kind? I've got an old 486 which I'd earmarked to be a LINUX firewall but haven't gotten around to building it yet. Has anyone used smoothwall or IPCop or any other dedicated LINUX distros for firewalls? This may well be better posted in another forum but I can't be bothered. Hell, I'm an editor, I can do what I want! ;p * cowers and waits for the almighty Chris to revoke my editor status for being cheeky *
-
Do any of you lot use a dedicated firewall of any kind? I've got an old 486 which I'd earmarked to be a LINUX firewall but haven't gotten around to building it yet. Has anyone used smoothwall or IPCop or any other dedicated LINUX distros for firewalls? This may well be better posted in another forum but I can't be bothered. Hell, I'm an editor, I can do what I want! ;p * cowers and waits for the almighty Chris to revoke my editor status for being cheeky *
James, I have an old Pentium system that I use for a firewall. It's currently running FreeBSD. I found that the BSD implementation of TCP/IP to be far superior to that found in Linux. In fact, FreeBSD is so completely integrated that you can turn on the firewall support with only a couple of lines of text in the master configuration file, "
/etc/rc.conf". If you're looking into the "ultimate" firewall operating system, you may also be interested in OpenBSD. -- Paul "I drank... WHAT?" -
Do any of you lot use a dedicated firewall of any kind? I've got an old 486 which I'd earmarked to be a LINUX firewall but haven't gotten around to building it yet. Has anyone used smoothwall or IPCop or any other dedicated LINUX distros for firewalls? This may well be better posted in another forum but I can't be bothered. Hell, I'm an editor, I can do what I want! ;p * cowers and waits for the almighty Chris to revoke my editor status for being cheeky *
I've used FreeSCO on my old 486 but now I'm using SME Server from Mitel Networks on a Pentium II. Grtx, Berry
-
James, I have an old Pentium system that I use for a firewall. It's currently running FreeBSD. I found that the BSD implementation of TCP/IP to be far superior to that found in Linux. In fact, FreeBSD is so completely integrated that you can turn on the firewall support with only a couple of lines of text in the master configuration file, "
/etc/rc.conf". If you're looking into the "ultimate" firewall operating system, you may also be interested in OpenBSD. -- Paul "I drank... WHAT?"I second that. FreeBSD is very simple to set up as a firewall. Of course you'd need to know how to use vi in order to configure it, but that's not a biggie, is it? If you want best possible safety, then OpenBSD is your best choice. But I figure FreeBSD is leaner on a 486 - more people are involved with FreeBSD thus the chance is greater that someone has spent many nights on optimizing FreeBSD for i486 ;) Hint: Turn off pretty much everything that's inbound. Unless you are running a web server of some sort on the inside, you rarely need any inbound holes. To be on the safe side, you should also setup outbound rules as well. If you know that you're not going to utilize other ports than 25 and 80 for instance, then there is no reason to have everything else opened (if for some reason you are infected by a worm, at least you'd make it harder for the worm to spread). Also, if you are having services on the inside, you are better off masquerading/NAT'ing your services via the firewall. This way no one on the outside knows what IP is what on the inside. Sonorked as well: 100.13197 jorgen FreeBSD is sexy.
-
Do any of you lot use a dedicated firewall of any kind? I've got an old 486 which I'd earmarked to be a LINUX firewall but haven't gotten around to building it yet. Has anyone used smoothwall or IPCop or any other dedicated LINUX distros for firewalls? This may well be better posted in another forum but I can't be bothered. Hell, I'm an editor, I can do what I want! ;p * cowers and waits for the almighty Chris to revoke my editor status for being cheeky *
-
James, I have an old Pentium system that I use for a firewall. It's currently running FreeBSD. I found that the BSD implementation of TCP/IP to be far superior to that found in Linux. In fact, FreeBSD is so completely integrated that you can turn on the firewall support with only a couple of lines of text in the master configuration file, "
/etc/rc.conf". If you're looking into the "ultimate" firewall operating system, you may also be interested in OpenBSD. -- Paul "I drank... WHAT?"Thanks for the advice. I was considering BSD as it is more akin to AIX and HPUX which is what I use at work so it would be easier for me to configure. Do you know if there is a decent proxy server built into FreeBSD?
-
Do any of you lot use a dedicated firewall of any kind? I've got an old 486 which I'd earmarked to be a LINUX firewall but haven't gotten around to building it yet. Has anyone used smoothwall or IPCop or any other dedicated LINUX distros for firewalls? This may well be better posted in another forum but I can't be bothered. Hell, I'm an editor, I can do what I want! ;p * cowers and waits for the almighty Chris to revoke my editor status for being cheeky *
Coyote Linux (www.coyote.com) Works great. Runs from a floppy!! (You can remove the noisy hard-drive and hardly know the computer is running.)
-
Coyote Linux (www.coyote.com) Works great. Runs from a floppy!! (You can remove the noisy hard-drive and hardly know the computer is running.)
Brad Bruce wrote: Coyote Linux (www.coyote.com) I think you mean www.coyotelinux.com -- Help me! I'm turning into a grapefruit!
-
I second that. FreeBSD is very simple to set up as a firewall. Of course you'd need to know how to use vi in order to configure it, but that's not a biggie, is it? If you want best possible safety, then OpenBSD is your best choice. But I figure FreeBSD is leaner on a 486 - more people are involved with FreeBSD thus the chance is greater that someone has spent many nights on optimizing FreeBSD for i486 ;) Hint: Turn off pretty much everything that's inbound. Unless you are running a web server of some sort on the inside, you rarely need any inbound holes. To be on the safe side, you should also setup outbound rules as well. If you know that you're not going to utilize other ports than 25 and 80 for instance, then there is no reason to have everything else opened (if for some reason you are infected by a worm, at least you'd make it harder for the worm to spread). Also, if you are having services on the inside, you are better off masquerading/NAT'ing your services via the firewall. This way no one on the outside knows what IP is what on the inside. Sonorked as well: 100.13197 jorgen FreeBSD is sexy.
Jörgen Sigvardsson wrote: I second that. I third that. Jörgen Sigvardsson wrote: Of course you'd need to know how to use vi in order to configure it, Well, he could use ed also. :rolleyes: Jörgen Sigvardsson wrote: If you want best possible safety, then OpenBSD is your best choice. But I figure FreeBSD is leaner on a 486 There's also PicoBSD - which is a scaled down version of FreeBSD. And, last I heard FreeBSD was going to tighten down on integrated security to compete with OpenBSD. Goody! :)
-
I second that. FreeBSD is very simple to set up as a firewall. Of course you'd need to know how to use vi in order to configure it, but that's not a biggie, is it? If you want best possible safety, then OpenBSD is your best choice. But I figure FreeBSD is leaner on a 486 - more people are involved with FreeBSD thus the chance is greater that someone has spent many nights on optimizing FreeBSD for i486 ;) Hint: Turn off pretty much everything that's inbound. Unless you are running a web server of some sort on the inside, you rarely need any inbound holes. To be on the safe side, you should also setup outbound rules as well. If you know that you're not going to utilize other ports than 25 and 80 for instance, then there is no reason to have everything else opened (if for some reason you are infected by a worm, at least you'd make it harder for the worm to spread). Also, if you are having services on the inside, you are better off masquerading/NAT'ing your services via the firewall. This way no one on the outside knows what IP is what on the inside. Sonorked as well: 100.13197 jorgen FreeBSD is sexy.
Jörgen Sigvardsson wrote: Hint: Turn off pretty much everything that's inbound. I would be careful with that. You might find unable to browse the internet if you block everything inbound. Regards, Venet. -------- Black holes are where God divided by zero.(Steven Wright)