Re: Secure Network Design (DMZ, LAN, etc)
From: Volker Kindermann (bugtraq@secspace.de)Date: 08/19/02
- Previous message: InternetSmiths: "are you getting the full header? Here's how Re: Reading Email Headers!!"
- In reply to: booth monkey: "Re: Secure Network Design (DMZ, LAN, etc)"
- Next in thread: Daniel Miessler: "RE: Secure Network Design (DMZ, LAN, etc)"
- Next in thread: Tony Shoemaker: "RE: Secure Network Design (DMZ, LAN, etc)"
- Reply: Daniel Miessler: "RE: Secure Network Design (DMZ, LAN, etc)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 19 Aug 2002 21:37:24 +0200 From: Volker Kindermann <bugtraq@secspace.de> To: security-basics@securityfocus.com
> My other main question regarding firewalls is whether or not a Linux
> box running IPTables would be good enough or should I look at a
> commercial > solution (Checkpoint, Raptor, etc). I have a very tight
> budget so IPTables is attractive, but I want to make sure I have a
> solid long-term solution that can handle lots of traffic.
Here I would recommend you a machine running OpenBSD with pf. If you
won't go with writing firewall-rules with a texteditor, there's a great
gui frontend for this: fwbuilder (http://fwbuilder.sourceforge.net).
I'm sure OpenBSD's pf will outperform Linux with iptables and
additionally pf IMHO is more stable than iptables. Give it a try. :-)
-volker
- Previous message: InternetSmiths: "are you getting the full header? Here's how Re: Reading Email Headers!!"
- In reply to: booth monkey: "Re: Secure Network Design (DMZ, LAN, etc)"
- Next in thread: Daniel Miessler: "RE: Secure Network Design (DMZ, LAN, etc)"
- Next in thread: Tony Shoemaker: "RE: Secure Network Design (DMZ, LAN, etc)"
- Reply: Daniel Miessler: "RE: Secure Network Design (DMZ, LAN, etc)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
