Router/Firewall Recommendation
Ward William E DLDN
wardwe at navseadn.navy.mil
Thu Jun 24 20:56:33 UTC 2004
> -----Original Message-----
> From: Otto Haliburton [mailto:ottohaliburton at comcast.net]
> Sent: Thursday, June 24, 2004 2:18 AM
> To: 'General Red Hat Linux discussion list'
> Subject: RE: Router/Firewall Recommendation
> glad you have the time and energy to do what you do and it
> works for you.
> With all the maintenance and stuff, I am glad you have the
> time to do it and
> I can tell you are deep into it. For $40 dollars, I can put
> my computers
> behind a firewall and forget about it cause it ain't going to
> be hacked by
> anybody and it has good performance and reliability. So if
> you got the time
> and stuff, that is good for you. Are you more secure no. I mean large
> corporations would have a perfect solution with your hook up
> but they are
> very vulnerable with this setup. Routers have their problems
> and in to
> enable certain features you can open up, but for all
> practical purposes
> individuals don't need to do that. So for the cost factor
> you can't beat
> the hardware router. Cheers!!
And for $0, you can download IPCop and do the same with a
donated computer, which IS a hardware firewall; it's slightly
less "Fire and Forget", but it's also a world more powerful,
and a world more secure. BTW, NAT as security is the same
security you get from using Microsoft Windows: Security by
Obscurity. If you think that's the be all, end all, then
why are you on a Linux mailing list?
BTW, time to install an IPCop from Scratch: ~10 minutes. Time
to reinstall, and reconfigure: ~10 minutes+15 seconds. Time
to configure a Firewall Brick: ~10 minutes (sometimes more; some
of them are poorly configured, and require constant reboots of
teh brick everytime you change a setting).
Peace of Mind over having a REAL Firewall based on IPTables,
SQUID, SNORT, decent logging, etc., that I can configure to
exactly the way I need, complete with DMZ, if needed: Priceless.
Bill Ward
More information about the redhat-list
mailing list