On Wed, 2003-07-23 at 12:27, John Haxby wrote: > All six of us have home networks making a separate firewall make a lot > of sense as you said. I agree that I didn't provide enough information > -- the poor hackee was running, as I recall, a firewall on Debian which > simply wasn't up to the job. Straightforward mis-configuration and not > keeping a critical package up to date. > > Avoid LinkSys -- that seems to be the general message -- Netgear seem > pretty good, they keep on top of updatesm, apparently. As a matter of > course, we all port-scanned our home networks and tried to attack the > few ports that are open. Well, I've only used a couple gateway appliances. Both of them Netgear, one new from the store, one for $20 from Goodwill. Ironically the new one failed while the used one is still working ;) Anyway, I'd be reluctant to make brand recommendations either way, my point having more to do with open-source vs proprietary solutions. Even though Linksys is known to use Linux, the fact that you are forced to wait for vendor updates relegates it to the proprietary heap with all the risks that entails. Netgear is no different, IMO. > I do agree with you. A Linux firewall isn't difficult to set up. And > yes, I could've got a cheap PC (rdc.co.uk typically have them for next > to nothing, and in sterling :-)) but the Netgear firewall is silent > which means it doesn't annoy me when I'm listening to music, or just > want to be quiet. Of course, what I may well do at some time in the > future is simply get the Netgear firewall to forward everything to a PC > and it can do that -- the ability to make it transparent was a key > feature when I bought it. Silence isn't so important to me as my desktop PC already makes enough noise that it doesn't matter. I just bought bigger speakers: subwoofer trumps fans everytime ;) At work I've got a P100 running RH8 as a firewall. At home, my desktop PC firewalls my home network (which consists of my gf's laptop and of course, my PC). The only real difference, security-wise, is that if I were dumb enough to somehow get my desktop PC owned, my firewall is compromised as well. However, since the point of the firewall is to protect my desktop PC, well, what difference does it make then? Sort of like worrying if the safe door is still locked after someone has stolen the contents ;) > I haven't changed my mind though. For someone with little or no > experience setting up a firewall, go for something simple that has a > reasonable reputation. Go for what your friends have and recommend, > definitely don't take my word for it, or the word of anyone else on the > shrike list! Especially on the shrike list ;) Yes, I'd have to concur that if someone doesn't have a clue, a proprietary firewall is better than a misconfigured Linux firewall. Regards, -- Cliff Wells, Software Engineer Logiplex Corporation (www.logiplex.net) (503) 978-6726 (800) 735-0555 -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
