RE: suggestions on a good firewall

["Jon Pastore" <jpastore () idetech net>]

My only problem with iptables is I've experienced a problem with it
running on Red Hat 7.0 - AS 2.1 where it will just stop analyzing
packets and just pass em on through until I restart the service.  A rep
at Red Hat support said this was due to the use of a depreciated driver
(eepro100) well if it's deprecated and you know you have a better one
then go ahead and not make that the default on install! So I changed the
driver for my NIC to use ee100 instead, a better driver, but alas it
this error/bug/over sight/exhaustion still took place...I've resorted to
just creating a cron job to restart the start the service ever so often.
It took weeks before it happened...This has since fixed my
problem...Although there is a .05 sec moment of being vulnerable I
guess....

At one of my office's we switched to using Watch Guard.  Seems like a
pretty nice product. Softwall looked like a viable option as well. My
only problem was they were not in the US and I have a problem with not
having easy to enforce laws backing my relationship with a company if
there was ever a problem.

Jon Pastore RHCE, President
IDE Tech, Inc.
(954) 360-0393 Office
(954) 428-0442 Fax


-----Original Message-----
From: Daniel R. Miessler [mailto:danielrm26 () hotmail com] 
Sent: Wednesday, May 21, 2003 12:05 AM
To: security-basics () securityfocus com
Subject: RE: suggestions on a good firewall


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Please get a real Firewall use OpenBSD and PF

You can't go wrong with Linux and IPTABLES either (unless you
misconfigure it).  :)  If you are not manually oriented, check out
Astaro at www.astaro.com.  It's a top-notch product, and I don't believe
any of the more popular firewall distros even come close to it.  It's
also free for home use - in case you are wondering.

- -Daniel Miessler

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBPsr641Jwf7WiYT5vEQKftgCfenZwtt70IoRrB2ByrdNpzHrVpjMAoNAM
y2QGW9+Ro41dOaRLndGjMZIY
=RRug
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
---
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check
Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register
Now! --UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
------------------------------------------------------------------------
----




---------------------------------------------------------------------------
----------------------------------------------------------------------------