Security Basics mailing list archives
RE: suggestions on a good firewall
From: "Jon Pastore" <jpastore () idetech net>
Date: Fri, 30 May 2003 06:09:00 -0400
My only problem with iptables is I've experienced a problem with it running on Red Hat 7.0 - AS 2.1 where it will just stop analyzing packets and just pass em on through until I restart the service. A rep at Red Hat support said this was due to the use of a depreciated driver (eepro100) well if it's deprecated and you know you have a better one then go ahead and not make that the default on install! So I changed the driver for my NIC to use ee100 instead, a better driver, but alas it this error/bug/over sight/exhaustion still took place...I've resorted to just creating a cron job to restart the start the service ever so often. It took weeks before it happened...This has since fixed my problem...Although there is a .05 sec moment of being vulnerable I guess.... At one of my office's we switched to using Watch Guard. Seems like a pretty nice product. Softwall looked like a viable option as well. My only problem was they were not in the US and I have a problem with not having easy to enforce laws backing my relationship with a company if there was ever a problem. Jon Pastore RHCE, President IDE Tech, Inc. (954) 360-0393 Office (954) 428-0442 Fax -----Original Message----- From: Daniel R. Miessler [mailto:danielrm26 () hotmail com] Sent: Wednesday, May 21, 2003 12:05 AM To: security-basics () securityfocus com Subject: RE: suggestions on a good firewall -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Please get a real Firewall use OpenBSD and PF
You can't go wrong with Linux and IPTABLES either (unless you misconfigure it). :) If you are not manually oriented, check out Astaro at www.astaro.com. It's a top-notch product, and I don't believe any of the more popular firewall distros even come close to it. It's also free for home use - in case you are wondering. - -Daniel Miessler -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQA/AwUBPsr641Jwf7WiYT5vEQKftgCfenZwtt70IoRrB2ByrdNpzHrVpjMAoNAM y2QGW9+Ro41dOaRLndGjMZIY =RRug -----END PGP SIGNATURE----- ------------------------------------------------------------------------ --- Thinking About Security Training? You Can't Afford Not To! Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-security-basics ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re[4]: suggestions on a good firewall, (continued)
- Re[4]: suggestions on a good firewall Malte von dem Hagen (May 23)
- RE: suggestions on a good firewall dschaible (May 23)
- Re: suggestions on a good firewall Jeff (May 23)
- RE: suggestions on a good firewall Jason Dixon (May 26)
- RE: suggestions on a good firewall Mark (fat) (May 21)
- RE: suggestions on a good firewall Daniel B. Cid (May 22)
- RE: suggestions on a good firewall silvia ghezzi (May 22)
- RE: suggestions on a good firewall lassal (May 23)
- Re: suggestions on a good firewall Andreas Happe (May 22)
- RE: suggestions on a good firewall Daniel R. Miessler (May 21)
- RE: suggestions on a good firewall Jon Pastore (May 30)
- RE: suggestions on a good firewall Mark Ng (May 21)
- RE: suggestions on a good firewall dave (May 22)
- Re: suggestions on a good firewall planz (May 22)
- RE: suggestions on a good firewall Jim Barrett (May 22)
- RE: suggestions on a good firewall Des Ward (May 23)
- RE: suggestions on a good firewall David Gillett (May 22)