Firewall Wizards mailing list archives
Re: Router with firewall suggestion
From: "CTA" <cta () hcsin net>
Date: Sun, 15 Dec 2002 10:56:38 -0500
<color><param>0100,0100,0100</param>On 2 Dec 2002, at 15:03, Steve Bostedor wrote: </color>From: "Steve Bostedor" <<Steveb () tshore com> To: <<firewall-wizards () honor icsalabs com> Subject: [fw-wiz] Router with firewall suggestion Date sent: Mon, 2 Dec 2002 15:03:26 -0500 <color><param>7F00,0000,0000</param>> We have a small block of external Ip addresses being routed to us
from our broadband ISP. They do not allow us to set the
access-lists on their edge router, so we need to put something on
our side that will filter traffic and act as a firewall for those
addresses. Layer 3 switches look real expensive. Any
recommendations?
Thanks!
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
</color>>>> <color><param>0100,0100,0100</param><FontFamily><param>Times New Roman</param><bigger>Get BSDi and a Pentium II/III class machine with two NICs, 512M RAM, and build a Bastion Host. (Cost << $3k) You can do with FreeBSD or OpenBSD, but not LINUX. Sorry but LINUX s implementation of packet filtering is way to venerable. If you are really into hacking a STRONG Bastion, try building a BPF based filter. If you dont know what BPF is then move on One interface to your router/Open-DMZ and the other to your Private or Managed DMZ Run IPFW on both interfaces to filter IN only that traffic which you need. Setup standard IP and SMURF filters on the router. NIX FW on you Gateway Routers! IMHO </color><FontFamily><param>Arial</param><smaller> <nofill>
This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. This communication may contain material protected by the attorney-client privilege. If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly prohibited. If you have receive this email in error, please immediately notify the sender by email.
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Router with firewall suggestion Steve Bostedor (Dec 15)
- Re: Router with firewall suggestion Paul D. Robertson (Dec 15)
- Re: Router with firewall suggestion CTA (Dec 15)