RE: Need secure firewall for SOHO

From: James McGee (james_at_infosec.co.im)
Date: 02/02/05

  • Next message: John Gisler: "Fwd: Need secure firewall for SOHO - Sender is forged (SPF Fail)" 
    To: "'dallas jordan'" <dallas.jordan@gmail.com>, <security-basics@securityfocus.com>, <Jim.DAmbrosia@montgomerycollege.edu>
Date: Wed, 2 Feb 2005 21:35:22 -0000

    Does this guy feel like sharing his thesis? Or is it published somewhere?

    I am sure the list would be interested.

    I am anyway.

    Cheers

    -----Original Message-----
    From: dallas jordan [mailto:dallas.jordan@gmail.com]
    Sent: 02 February 2005 20:30
    To: security-basics@securityfocus.com
    Subject: Fwd: Need secure firewall for SOHO

    ---------- Forwarded message ----------
    From: dallas jordan <dallas.jordan@gmail.com>
    Date: Wed, 2 Feb 2005 15:28:55 -0500
    Subject: Re: Need secure firewall for SOHO
    To: "DAmbrosia, Jim" <Jim.DAmbrosia@montgomerycollege.edu>

    Jim,
        He can run OpenBSD on a fairly low power pc and it will do just
    fine. Then he can us a 16 port switch for his clients. That would
    be fairly cheap and OpenBSD is an excellent firewall, both performance and
    security wise.

    On Tue, 1 Feb 2005 08:47:12 -0500, DAmbrosia, Jim
    <Jim.DAmbrosia@montgomerycollege.edu> wrote:
    > To the group,
    >
    > I have a colleague who has a SOHO network using ADSL. He is using a
    standard Linksys router for his firewall, but has reached a limit in the
    number of ports it can open and manage. I don't have one on hand to check,
    but evidently the Linksys only has ten slots to configure ports to be opened
    and he needs 12-15 or so.
    >
    > Without a lot of money he wants to get a different firewall up and running
    that has more ports that it can manage.
    > I suggested the free version of zone alarm as the only free one I'm aware
    of; however it turns out that he wrote his thesis on how you can crack zone
    alarm.
    >
    > Looking for another much more secure solution?
    >
    > Thanks,
    >
    > Jim,
    >
    > 

    --
Dallas Jordan CCNA, CISSP
Ernst & Young LLP
Security & Technology Solutions (STS)
Office:   404-817-5940
Mobile:  404-274-2649
EY/Comm:   7455673
E-mail:  Dallas.Jordan@ey.com
--
Dallas Jordan CCNA, CISSP
Ernst & Young LLP
Security & Technology Solutions (STS)
Office:   404-817-5940
Mobile:  404-274-2649
EY/Comm:   7455673
E-mail:  Dallas.Jordan@ey.com
  • Next message: John Gisler: "Fwd: Need secure firewall for SOHO - Sender is forged (SPF Fail)"

    Relevant Pages

    • Re: Firewall Strategy
      ... ports are used ... > I have tried several firewalls (black ice, Zone Alarm Free, Zone Alarm ... > Pro and now I've been told that Norton Personal Firewall is the best ...
      (comp.security.firewalls)
    • Re: Trouble accessing Outlook Web Access from behind firewall
      ... When starting the firewall I also set ... > rejected and dropped packets are logged, however I see nothing in my log ... > # Higher ports needed to accept incoming/outgoing calls ...
      (comp.security.firewalls)
    • Re: iptables configuration
      ... >> that if a 'virus/trojan' initiated a connection to the net, the firewall ... >> would not protect the LAN. ... The LAN is NATed with private IPs to one public IP. ... the ports that are used by services running on linux. ...
      (comp.os.linux.security)
    • Re: Norton Personal Firewall 2003
      ... |> First thing I would do is put the GRC test site into the Exclusions ... | ports they will not get the same result being in my blocklist, ... the firewall checks unsolicited inbound communications attempts. ...
      (comp.security.firewalls)
    • Re: How to stealth against ping/echo requests?
      ... I just started using the Online-Armor firewall. ... Some ports are even open. ... Are you behind a router? ... Every time it founds a new LAN, it asks if you want to trust it ...
      (comp.security.firewalls)