Firewall Wizards mailing list archives
Re: insecurity in internet connection thro cable modems
From: Dave Mitchell <dmitchell () viawest net>
Date: Fri, 14 Feb 2003 14:03:11 -0700
For normal users I'd recommend some sort of appliance filter or firewall. More than likely, natting a home network behind a linksys soho router would be sufficient. If you want to do VPNing and what not, I think a Netscreen 5 would be the best for the home firewall. Putting in PIX 501's at someones home would be insane. If you have to administer it, a small Netscreen is much easier than dealing with PIX. -dave On Fri, Feb 14, 2003 at 10:42:16AM -0600, Perrymon, Josh L. wrote:
Yeah... I ( Security Professional ) would implement IPChains or a PIX @ home... But don't you think Linux is completely out of the question for a regular end user????? I'm looking for an application based firewall for my VPN users.. So far ZONE ALARM is my choice.. I just wished I could integrate it with the PIX VPN client like the concentrator can. Any Ideas?? -JP -----Original Message----- From: Chapman, Justin T [mailto:JtChapma () bhi-erc com] Sent: Friday, February 07, 2003 11:29 AM To: 'firewall-wizards () honor icsalabs com ' Subject: RE: [fw-wiz] insecurity in internet connection thro cable modemsipchains is old ( for the previous Linux Kernel 2.2 ), iptables http://www.iptables.org would be a better choice.Agreed. If it's an option at all, choose iptables over ipchains. It's more flexable and it's a stateful packet filter, which makes for a "smarter" firewall. IPtables (and ipchains for that matter) can be a bit intimidating to work with, especially if you're new to the syntax. If you're going to "rolll your own" firewall, I would suggest searching Google/Freshmeat.net for "iptables generator". There are plenty of scripts/web frontends/guis that make creating simple "consumer-grade" firewalls a snap. One that I particularly like is a cgi-based one at: http://morizot.net/firewall/gen/ Good luck! --justin _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
-- -------------------------- Dave Mitchell Network Engineer, ViaWest dmitchell () viawest net (720) 891-1045 -------------------------- _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- insecurity in internet connection thro cable modems ravi (Feb 07)
- Re: insecurity in internet connection thro cable modems Yvette Agostini (Feb 07)
- Re: insecurity in internet connection thro cable modems staf wagemakers (Feb 07)
- <Possible follow-ups>
- Re: insecurity in internet connection thro cable modems rob . roberson (Feb 07)
- RE: insecurity in internet connection thro cable modems Symon Thurlow (Feb 07)
- RE: insecurity in internet connection thro cable modems Chapman, Justin T (Feb 07)
- RE: insecurity in internet connection thro cable modems Perrymon, Josh L. (Feb 14)
- Re: insecurity in internet connection thro cable modems Dave Mitchell (Feb 14)
- RE: insecurity in internet connection thro cable modems Noonan, Wesley (Feb 15)
- Re: insecurity in internet connection thro cable modems Dave Mitchell (Feb 16)
- Re: insecurity in internet connection thro cable modems stefmit (Feb 18)
- Re: insecurity in internet connection thro cable modems Dave Mitchell (Feb 16)
- RE: insecurity in internet connection thro cable modems Noonan, Wesley (Feb 16)
- Re: insecurity in internet connection thro cable modems Dave Mitchell (Feb 17)
- RE: insecurity in internet connection thro cable modems Bruce Platt (Feb 16)
- RE: insecurity in internet connection thro cable modems Noonan, Wesley (Feb 16)
- RE: insecurity in internet connection thro cable modems Bruce Platt (Feb 17)
- RE: insecurity in internet connection thro cable modems Scot Hartman (Feb 17)