Security Basics mailing list archives
Re: suggestions on a good firewall
From: salgak () speakeasy net
Date: Tue, 20 May 2003 16:40:24 +0000
-----Original Message----- From: Mark Ng [mailto:laptopalias1-mark () informationintelligence net] Sent: Tuesday, May 20, 2003 04:11 PM To: security-basics () securityfocus com Subject: RE: suggestions on a good firewall Moderator: Please feel free to completely disregard this mail if you think I am being too harsh. Thanks. It's useful when expressing opinions to justify them. Each solution generally has it's own merits and disadvantages. Childish behaviour such as "get a real" "x is better than x"(without any justification) is just a waste of everyones time. There are people on this list who are genuinely trying to learn about security - these people need justifications, not religious fervour or fanboyism.
Agreed. A Windows box, properly locked down, can be a reliable firewall. Locking it down can be a chore, a much easier chore with Win2003 server, but still takes some expertise and finesse. I prefer hardware firewalls with a firmware basis, as they're harder to exploit, but many brands have reliability issues. I'm currently running Checkpoint and Gauntlet on Solaris, but this is a production environment I've inherited. For a good, relatively inexpensive firewall, I'd recommend the Linux-Mandrake firewall solution, running on commodity Intel hardware. Simple to set up, fairly easy to run, easy to maintain. The REAL question to ask when picking a firewall is really two questions: 1. What sort of threats am I defending against ? 2. What can my sysadmin handle ? A Junior MCSE handed a Slackware IPChains box is not going to be terribly effective, as an example. .. --------------------------------------------------------------------------- Thinking About Security Training? You Can't Afford Not To! Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-security-basics ----------------------------------------------------------------------------
Current thread:
- Re: suggestions on a good firewall, (continued)
- Re: suggestions on a good firewall Jeff (May 23)
- RE: suggestions on a good firewall Jason Dixon (May 26)
- RE: suggestions on a good firewall Mark (fat) (May 21)
- RE: suggestions on a good firewall Daniel B. Cid (May 22)
- RE: suggestions on a good firewall silvia ghezzi (May 22)
- RE: suggestions on a good firewall lassal (May 23)
- Re: suggestions on a good firewall Andreas Happe (May 22)
- RE: suggestions on a good firewall Daniel R. Miessler (May 21)
- RE: suggestions on a good firewall Jon Pastore (May 30)
- RE: suggestions on a good firewall Mark Ng (May 21)
- RE: suggestions on a good firewall dave (May 22)
- Re: suggestions on a good firewall planz (May 22)
- RE: suggestions on a good firewall Jim Barrett (May 22)
- RE: suggestions on a good firewall Des Ward (May 23)
- RE: suggestions on a good firewall David Gillett (May 22)