Firewall Wizards mailing list archives
Re: Linux Firewall - Bob's Experiment
From: "B. Scott Harroff" <Scott.Harroff () att net>
Date: Wed, 8 Aug 2001 11:09:02 -0400
OpenBSD is my preference as well. May I add its also quite difficult (dare I say impossible) to remotely hack a firewall when its configured as an IPless bridge (see URL). http://www.openlysecure.org/content/html/highestsec.html ----- Original Message ----- From: "Bob Washburne" <rcwash () concentric net> To: <rob.roberson () verizon com> Cc: <firewall-wizards () nfr com> Sent: Wednesday, August 08, 2001 9:04 AM Subject: Re: [fw-wiz] Linux Firewall - Bob's Experiment
Linux is usable, but my personal prefferance is http://www.openbsd.org/ which is a battle hardened unix clone. I am developing a system for my home as an experiment: -) i486 running OpenBSD as a gateway/NAT to the Internet. Everything else other than NAT stripped off the system (can't hack what ain't there). -) P166 running OpenBSD as a bridge/firewall/IDS between the NAT and the LAN (a bridge doesn't have an IP address. Can't hack what you can't see.) -) LAN running whatever with non-routable IP addresses. I am hopeing that this stratagy will go a long way in protecting my firewall from compromise. I have no illusions about what a firewal can and cannot do, but at least this one layer will be well protected :-) The next phase would be to configure the NAT is such a way that it can be burned onto CD and the hard drive removed. Very difficult to hack a read-only system... Bob Washburnei got a linux box i would like to turn into a firewall for home... i
have
it set up right now with 2 nics and just using simple maquerading. I
would
like to go to the next step in complexity... I was looking around sourceforge and freshmeat and saw a mind boggling number of programs.. I
am
new to firewalls, but experienced in Linux / AIX / HPUX. Any input would
be
appretiated and welcomed.. Adam Graham _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Linux Firewall adam (Aug 07)
- Re: Linux Firewall David Amiel (Aug 07)
- Re: Linux Firewall Yang Lee (Aug 07)
- Re: Linux Firewall Don Kendrick (Aug 08)
- Re: Linux Firewall spiff (Aug 10)
- <Possible follow-ups>
- RE: Linux Firewall Smith Gary-GSMITH1 (Aug 07)
- Re: Linux Firewall ark (Aug 07)
- Re: Linux Firewall rob . roberson (Aug 07)
- Re: Linux Firewall - Bob's Experiment Bob Washburne (Aug 08)
- Re: Linux Firewall - Bob's Experiment B. Scott Harroff (Aug 10)
- Re: Linux Firewall - Bob's Experiment Bob Washburne (Aug 10)
- Re: Linux Firewall - Bob's Experiment Bob Washburne (Aug 08)
- RE: Linux Firewall Gerry Brennan (Aug 10)
- RE: Linux Firewall Carl Friedberg (Aug 07)