RE: Suggestions Needed

From: Adam Shephard (adams@firstfederalbanking.com)
Date: 02/25/03

    From: Adam Shephard <adams@firstfederalbanking.com>
    To: 'Justyn' <dragon@dlance.com>
    Date: Tue, 25 Feb 2003 14:31:01 -0500
    
    

    I ran Smoothwall, then IPCop on my network at home for about a year. I
    recently switched over to an OpenBSD box running pf. I am much happier with
    the OpenBSD box.

    Considering it's a home network, Smoothwall/IPCop were fine. I had a couple
    of nagging doubts, though. One being the fact that all ports above 1024 were
    open and the other being the concept of having other things (IDS & VPN) on
    the same box as my firewall. Depending on who I asked, those things were
    either "not a problem", "a gaping hole" or "could be good, could be bad,
    depending on what you're doing". I had a long weekend with some free time so
    I thought I'd try pf.

    The thing that has made me happiest is the results when I scan the firewall
    from the outside. While Smoothwall/IPCop looked pretty solid, I always saw
    things I could do to tighten them. When I scan the pf box, it doesn't seem
    to exist.

    Invisibility always seems to ease paranoia.

    > -----Original Message-----
    > From: Justyn [mailto:dragon@dlance.com]
    > Sent: Tuesday, February 25, 2003 12:55 AM
    > To: security-basics@securityfocus.com
    > Subject: Suggestions Needed
    >
    >
    > I'm a home user rather new to firewalls. I have a spare pc I want to use
    > as a firewall machine for our local lan of 2 workstations w/cable modem.
    > I'm wanting a linux/unix flavor os for the firewall system. Would I be
    > better off using a stripped down os that is tailored for firewall
    > machines or something like redhat/freebsd? What would anyone suggest
    > as a starting place to learn?
    >
    > Thanks!
    >
    >


