RE: insecurity in internet connection thro cable modems

["Perrymon, Josh L." <PerrymonJ () bek com>]

Yeah...  I ( Security Professional ) would implement IPChains or a PIX @
home...  
But don't you think Linux is completely out of the question for a regular
end user?????

I'm looking for an application based firewall for my VPN users..  
So far ZONE ALARM is my choice..  I just wished I could integrate it with
the PIX VPN client like the concentrator can.



Any Ideas??
-JP

-----Original Message-----
From: Chapman, Justin T [mailto:JtChapma () bhi-erc com]
Sent: Friday, February 07, 2003 11:29 AM
To: 'firewall-wizards () honor icsalabs com '
Subject: RE: [fw-wiz] insecurity in internet connection thro cable
modems


> ipchains is old ( for the previous Linux Kernel 2.2 ), iptables
> http://www.iptables.org would be a better choice.

Agreed.  If it's an option at all, choose iptables over ipchains.  It's more
flexable and it's a stateful packet filter, which makes for a "smarter"
firewall.  IPtables (and ipchains for that matter) can be a bit intimidating
to work with, especially if you're new to the syntax.  If you're going to
"rolll your own" firewall, I would suggest searching Google/Freshmeat.net
for "iptables generator".  There are plenty of scripts/web frontends/guis
that make creating simple "consumer-grade" firewalls a snap.  One that I
particularly like is a cgi-based one at:

http://morizot.net/firewall/gen/ 

Good luck!

--justin

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards