RE: Router/Firewall Recommendation

At 12:17 AM 6/24/2004, Otto Haliburton wrote:
glad you have the time and energy to do what you do and it works for you.
With all the maintenance and stuff, I am glad you have the time to do it and
I can tell you are deep into it.

Well, I did spend more time learning... but given any PC with two network cards (or one connection to the Internet and one network card) I can be online and working in less than 1 hour. That's less time than it would take to drive to Office Depot and back. As I said, pros and cons on each side.


For $40 dollars, I can put my computers
behind a firewall and forget about it cause it ain't going to be hacked by
anybody and it has good performance and reliability.

History proves conclusively that anyone who says "it can't be done" (and especially "it can't be hacked") is eventually proven wrong. Come on... the NSA, CIA, and many *major* banks worldwide have been hacked, but your little blue box is perfect? Right.


Are you more secure? No.

I'd be happy to see you provide any evidence for that statement.

I mean large
corporations would have a perfect solution with your hook up but they are
very vulnerable with this setup.

Please explain where the vulnerability lies, since to you it's obvious. Also, when showing any vulnerability, please show how that does not apply to the LBB (Little Blue Box since I'm tired of typing that so often and I don't want to specifically pick on Linksys). My Linux box is a router, firewall, gateway, masquerading server with DHCP. So is your LBB. Where do you see the vulnerability?


Also note that this setup has run nicely at my home, my mom's home, my wife's three-person office, etc. for years now. Three boxes are over four years old. *None* of them require more than 15 minutes a month from me. And the LBBs I oversee *also* need that time... firmware updates, configuration changes, etc.

Routers have their problems and in to
enable certain features you can open up, but for all practical purposes
individuals don't need to do that.  So for the cost factor you can't beat
the hardware router.  Cheers!!

Hold on: you've said that routers have their problems and they are vulnerable. You've especially stated that "large corporations" are very vulnerable. I see two problems:


1. There is a direct contradiction in your statement that routers are vulnerable but that your LBB is perfect, since of course your LBB *is* a router. Note your last line re "the hardware router."

2. There is an implicit contradiction (in what I consider common sense) in your statement that large corporations are very vulnerable, since it sounds like you are saying that a $3,000 box with Firewall/1 on it (which is the *only* thing that product line does) or an ICSA-certified defense-in-depth firewall is going to be somehow less secure than the $50 LBB in which you place your undying faith.

Given that #2 is an interpretation, I might be misreading you.

I'll also disagree with the "routers have [...] certain features you can open up, but for all practical purposes individuals don't need to do that." First off, the LBB is a router, and it has features you can open, and ports you can forward. How is that any different? Second, who are you to tell all individuals what they do and don't need? Ed Wilts just posted recently about the web and mail servers he runs behind an LBB... should he shut them off? Third, since the LBB *does* allow you to open up ports (incoming and outgoing) and forward ports to other machines, and since you say the LBB is perfect, then opening and forwarding ports *must* be secure, right?

Finally, re the cost factor: you buy N LBB devices for $40 each. I set up firewalls that generally cost me $0 each. For N>0, the LBB is going to be more expensive in direct cost. Did I have a learning cost? Yes! Say that cost was ridiculously high... $4,000 of my time invested. So after 100 boxes, I'm breaking even monetarily but the reality is that I don't care because (a) I wanted to learn it and (b) it didn't cost me $4,000. If anything it cost me $500 in time, and I *have* set up easily 25 firewalls so far. $500 cost, $1,000 saved... I'm ahead.

Is everyone going to want to do this my way? No. Are they wrong? No. Is my path and solution a valid one? Yes. Am I wrong? No.

Care to comment? Because you are not proving anything to me so far.

And Otto, P-L-E-A-S-E!!!!! trim previous posts from your reply. It's downright rude to force everyone to read through four pages of prior text *again* because you didn't take the time to format a post properly. Keep whatever you need, but don't just resend the whole damn thing. It's *not* nice.


-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx http://www.simpaticus.com

