Date: Thu, 15 Mar 2001 09:15:22 -0600 From: Andrew Hesford <ajh3@chmod.ath.cx> To: richard childers <fscked@pacbell.net> Cc: bcohen@bpecreative.com, freebsd-questions <freebsd-questions@FreeBSD.ORG> Subject: Re: FreeBSD Firewall vs. Black Ice Message-ID: <20010315091522.B2685@cec.wustl.edu> In-Reply-To: <3AB0CE99.FA945074@pacbell.net>; from fscked@pacbell.net on Thu, Mar 15, 2001 at 06:15:53AM -0800 References: <NNEMIHKLBKHCIJHJJFGPGEDGDNAA.bcohen@bpecreative.com> <3AB0CE99.FA945074@pacbell.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I watch "The Screensavers" on TechTV quite often, and they always recommend the Linksys DSL/Cable Home Firewall. When I see this, I always have to laugh, because it's $160-180, and it's probably not too configurable (lest the do-it-yourselfer, who doesn't know what he's doing, break it). My idea of an effective and cost-effective choke point is an old P-100 with no hard drive or video, running PicoBSD from a single floppy. I configure it to keep-state on all connections originating inside my personal network, allow state-matching packets back in, and drop any other connection originating in the outside world except 22, 25 and 80, which are forwarded to my desktop. Not counting my time and the diskette, the whole machine cost me $100, and I now have a spare hard disk and video card. The two NICs were cheap, $15 each, so we're talking $130, which is cheaper than the Linksys product, it is more configurable, and I'll bet more reliable. On Thu, Mar 15, 2001 at 06:15:53AM -0800, richard childers wrote: > I'm not saying that this should replace the idea of a UNIX-based > firewall but it is an excellent > and cost-effective choke point, behind which a firewall can be placed, > while - at least with > the RT314 - you still have the ability to sample traffic more directly, > if you care to, via one of > the additional ports. -- Andrew Hesford ajh3@chmod.ath.cx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010315091522.B2685>