Security Basics mailing list archives
RE: Need secure firewall for SOHO
From: "Mike Sweeney" <mikesweeney () packetattack com>
Date: Thu, 3 Feb 2005 09:58:40 -0800
Linux has more than a few choices available. For a command line, you can use shorewall. For a GUI interface to iptables, you can use Firestarter. For a full featured firewall, you can always look at IPCOP. A second set of solutions can be Gibraltar which can run off a CDR which is a nice secure way to configure a firewall and they offer a free license for non-commercial use as does Astaro. I personally prefer Gibraltar's frontend over Astaro but either work well. Firestarter has worked very well for a quick and dirty firewall configuration on a testbox of mine. My own experience is that the personal firewalls like ZoneAlarm, McAfee, Kerio etc have their place but are not to be relied on for anything beyond very limited protection. There some that will argue this point, but that is my opinion. Nothing more, nothing less. I do use Kerio on my travel laptop and it's proven to be useful and rather non-intrusive in my day to day activities. But in the office, I use one of several different "real" firewalls depending on what I'm working with at the time. MikeS _________________________________ Packetattack.com Network Design and Security www.packetattack.com Office (714).637.4235 "QUIS CUSTODIET IPOS CUSTODES" WHO SHALL GUARD THE GUARDS -----Original Message----- From: dallas jordan [mailto:dallas.jordan () gmail com] Sent: Wednesday, February 02, 2005 5:54 PM To: Jim.DAmbrosia () montgomerycollege edu;security-basics () securityfocus com Subject: Re: Need secure firewall for SOHO Jim, I dont believe OpenBSD has a GUI for its firewall configuration. I could be wrong. I've just always edited the config file. It's pretty easy to set up a basic firewall and the documentation on the Openbsd website is really good. There may be some 3rd party xwindows gui you could find. Plus, OpenBSD is "out of the box" really secure. On Wed, 2 Feb 2005 16:40:31 -0500, DAmbrosia, Jim <Jim.DAmbrosia () montgomerycollege edu> wrote:
Hi Dallas, I'll point him in that direction. I briefly looked at the website and was curious. Does it have and xwindows interface for operations and configuration? Thanks, Jim, -----Original Message----- From: dallas jordan [mailto:dallas.jordan () gmail com] Sent: Wednesday, February 02, 2005 3:29 PM To: DAmbrosia, Jim Subject: Re: Need secure firewall for SOHO Jim, He can run OpenBSD on a fairly low power pc and it will do just fine. Then he can us a 16 port switch for his clients. That would be fairly cheap and OpenBSD is an excellent firewall, both performance and security wise. On Tue, 1 Feb 2005 08:47:12 -0500, DAmbrosia, Jim <Jim.DAmbrosia () montgomerycollege edu> wrote:To the group, I have a colleague who has a SOHO network using ADSL. He is using astandard Linksys router for his firewall, but has reached a limit in the number of ports it can open and manage. I don't have one on hand to check, but evidently the Linksys only has ten slots to configure ports to be opened and he needs 12-15 or so.Without a lot of money he wants to get a different firewall up andrunning that has more ports that it can manage.I suggested the free version of zone alarm as the only free one I'maware of; however it turns out that he wrote his thesis on how you can crack zone alarm.Looking for another much more secure solution? Thanks, Jim,-- Dallas Jordan CCNA, CISSP Ernst & Young LLP Security & Technology Solutions (STS) Office: 404-817-5940 Mobile: 404-274-2649 EY/Comm: 7455673 E-mail: Dallas.Jordan () ey com
-- Dallas Jordan CCNA, CISSP Ernst & Young LLP Security & Technology Solutions (STS) Office: 404-817-5940 Mobile: 404-274-2649 EY/Comm: 7455673 E-mail: Dallas.Jordan () ey com
Current thread:
- RE: Need secure firewall for SOHO, (continued)
- RE: Need secure firewall for SOHO Beauford, Jason (Feb 03)
- RE: Need secure firewall for SOHO Bryan S. Sampsel (Feb 03)
- Re: Need secure firewall for SOHO dallas jordan (Feb 03)
- RE: Need secure firewall for SOHO Andrew Shore (Feb 03)
- RE: Need secure firewall for SOHO Carson Sweet (Feb 03)
- Re:Need secure firewall for SOHO Ghaith Nasrawi (Feb 03)
- Re: Need secure firewall for SOHO James D. Fryman (Feb 04)
- Re: Re:Need secure firewall for SOHO Barrie Dempster (Feb 04)
- RE: Need secure firewall for SOHO Liran Cohen (Feb 03)
- RE: Need secure firewall for SOHO Danny Puckett (Feb 03)
- RE: Need secure firewall for SOHO Mike Sweeney (Feb 04)
- RE: Need secure firewall for SOHO DAmbrosia, Jim (Feb 04)
- Re: Need secure firewall for SOHO dante hicks (Feb 07)
- Finding Nessus False POsitives kaps lock (Feb 07)
- Password Auto-Repository xyberpix (Feb 09)
- RE: Password Auto-Repository Drew Burke (Feb 09)
- Re: Password Auto-Repository Mike Chapple (Feb 10)
- RE: Need secure firewall for SOHO Beauford, Jason (Feb 03)
- RE: Need secure firewall for SOHO Justin Coffi (Feb 04)
- RE: Need secure firewall for SOHO Javier Otero De Alba (Feb 04)
- Re: Need secure firewall for SOHO Jonathan Nichols (Feb 07)
- RE: Need secure firewall for SOHO Mike Sweeney (Feb 07)