Re: hardware firewall

phn_at_icke-reklam.ipsec.nu
Date: 01/07/04 

Date: Wed, 7 Jan 2004 15:50:44 +0000 (UTC)

Leythos <void@nowhere.com> wrote:
> In article <qbbnvv4f9ndk2lfs59iavup2no8t3ctf64@4ax.com>,
> chris@nospam.com says...
>> On Mon, 05 Jan 2004 23:20:42 GMT, Leythos <void@nowhere.com> wrote:
> [snip]
>> >To be honest, you might be better off purchasing a copy of Windows 2000
>> >Server and using a Linksys Router with NAT. The cost of a good firewall
>> >that will also provide IP restrictions will cost more than the Server
>> >software and a simple NAT router.
>>
>> Have you priced W2K Server lately?

> Yes, Server 2000 standard will run on any beefy workstation and is only
> $700 US. It can be purchase for less if you are a non-profit or a
> educational member. You can also subscribe to the MSDN, if you are a
> developer of MS products you should already have this, and install
> anything they make.

I can obtain a linx server AND HARDWARE for $700

Ain't that a proce difference ??

>> Everything the original poster wants can be done with a free linux
>> running on a cheap Pentium 200 PC. This includes:
>> 1. NAT/Masqueradeing
>> 2. Redirecting http requests to a different address or port
>> (ie a denied webpage)
>> 3. Control which IPs can connect to which internal address/port.
>> 4. Stateful packet inspection so ports are only open when needed
>> 5. DOS detection and prevention (eg syn attacks)
>> 6. Transparent pop3 email virus/spam filter.
>> 7. Transparent web cache
>> 8. Much more
>>
>> Heck, you could even run Apache on the linux box and avoid the
>> terribly buggy and insecure IIS altogether. You'll have to learn some
>> linux along the way which really isn't that hard. There's tons of
>> help out there and the linux newsgroups are very helpful (the really
>> annoying linux zealots seem to only hangout in the windows
>> newsgroups).

> Um, I don't see where he can run ASP pages in your FREE solution. Free
> is relative - he would have to consider the down-time, the time to
> convert from ASP to another platform (PHP, etc..) and the cost
> associated with maintaining a new platform (assuming he's not a Linux
> tech).

Considering down-time as a cost i cannot see how any windows
solution can be cheaper then a linux one.

> In addition,, there is nothing insecure about IIS, we've been hosting
> sites for more than 5 years and have never been hacked - it's all in
> what you know and how good you are at securing it. Even Apache is easy
> to hack if you don't secure it.

I think cert has another view of "what is secure" just count
the number of vulnabilities found and the number of infected systems.

IIS is'nt even the market leader, with less then 25% of installed
webservers it has 99% of infected systems "out there"

> So, considering he appears to be a MS platform developer, a box like you
> suggest makes no sense for him unless he wants to abandon the MS
> platform.

http != MS

> I always love how people say that Linux is free - but they never
> consider the cost of conversion for the apps, technicians, support
> centers people, etc... And they always said it can run on an old P200
> system, BS, to run a "server" acting as a decent box you need at least a
> P3 with good drives and memory to match.

> I have a RH 9.1 install running on a Celeron 466 with 512MB of RAM and
> 30GB of drive space and opening office on it is slow as hell, and most
> times it looks like it's locked up. On a P4 it screams.

> --
> --
> spamfree999@rrohio.com
> (Remove 999 to reply to me) 

-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

Relevant Pages

  • Re: Ten least secure programs
    ... Subject: Ten least secure programs ... only someone that's hard up to bash Linux users would assume this. ... > corrected virtually all current and yet to be discovered security issues ...
    (Security-Basics)
  • RE: Ten least secure programs
    ... contrary to the statistics. ... corrected virtually all current and yet to be discovered security issues ... with Linux. ... Subject: Ten least secure programs ...
    (Security-Basics)
  • RE: Religion... was RE: [Full-Disclosure] Re: January 15 is Personal Firewall Day, help the cause
    ... there is no A/V software for Linux that protects ... Of course, many of them do run A/V software, but it's to protect Windows ... In today's environment, software *must* be secure first, with usability added ... Microsoft systems take the opposite approach, ...
    (Full-Disclosure)
  • Linux v Dedicated NAT routers - secure remote differences
    ... using NAT routers can get a secure ... remote tunnel from a Windoze machine behind it to talk through a Checkpoint ... I can't with a linux NAT box. ...
    (comp.security.firewalls)
  • Re: Future of IT in Lebanon
    ... - if a program that starts secure does not change then chances are that it remains secure ... Windows security has been breached, therefore there's no reason to believe that the problem can get worse on Linux, giving time and inclination. ... Personally, I think that position is unfair and does not take into consideration the simple fact that Microsoft made the industry, ... having a spec and publishing a spec are different notions. ...
    (soc.culture.lebanon)