nanog mailing list archives
RE: Security on a home DSL Line
From: "Sean Figgins" <sfiggins () mail wcg net>
Date: Fri, 3 Nov 2000 09:01:56 -0600
Of course, you could always find a ISP that is using the Nortel Shasta box. Great little box with firewall abilities built into it, Checkpoint style. The problem with filtering at the CPE end of the DSL/Cable link is that whatever you throw away, it has already consumed the bandwidth to get it there. Look for more providers to start using it, and for some major announcements to come. You may still want to be sure that your box is secure, in the event that you WANT remote access to your home. -----Original Message----- I've got a Pentium 100 running OpenBSD 2.7, setup with two nics in bridging mode with ipfilter. It required no re-addressing of my existing network and works quite well. I personally like it more than any of the desktop firewalls. I've got a 3Mbps cablemodem (downstream is actually UHF instead of cable plant with an ISDN wired return), and it handles all the traffic with no problem. I'd reccomend this setup over the desktop firewall packages. They generally don't report enough information to effectively track offenses down. With an *BSD or Linux box you get a lot more tools to help you, like tcpdump, ethereal, snort, etc. -- Joseph W. Shaw Sr. Network Security Specialist for Big Company not to be named because I don't speak for them here. I have public opinions, and they don't. On Thu, 2 Nov 2000, J. Gilmore wrote:
I'm looking to beef up security on a home DSL line. Currently I am using ZoneAlarm (the freeware version). I'm thinking of taking an old Pentium 120, and setting that up as a firewall, but wanted to know if anyone else had a better idea.
Current thread:
- Security on a home DSL Line J. Gilmore (Nov 02)
- Re: Security on a home DSL Line Todd Caine (Nov 02)
- Re: Security on a home DSL Line Steven J. Sobol (Nov 02)
- Re: Security on a home DSL Line David Charlap (Nov 02)
- Re: Security on a home DSL Line Bryan Pace (Nov 02)
- Re: Security on a home DSL Line James M. Shuler III (Nov 02)
- Re: Security on a home DSL Line Steve Sobol (Nov 02)
- Re: Security on a home DSL Line Joe Shaw (Nov 02)
- RE: Security on a home DSL Line Sean Figgins (Nov 03)
- Re: Security on a home DSL Line Shawn McMahon (Nov 03)
- <Possible follow-ups>
- RE: Security on a home DSL Line Roeland Meyer (Nov 02)
- RE: Security on a home DSL Line Steven J. Sobol (Nov 02)
- Re: Security on a home DSL Line Brandon Hume (Nov 03)
- RE: Security on a home DSL Line Sean Figgins (Nov 03)
- RE: Security on a home DSL Line Roeland Meyer (Nov 03)
- Re: Security on a home DSL Line James M. Shuler III (Nov 04)
- RE: Security on a home DSL Line Rishi Singh (Nov 03)
- RE: Security on a home DSL Line Dennis Dayman (Nov 03)
- Re: Security on a home DSL Line Shawn McMahon (Nov 03)
(Thread continues...)
- Re: Security on a home DSL Line Todd Caine (Nov 02)