From owner-freebsd-isp Thu Apr 24 12:06:21 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id MAA24579 for isp-outgoing; Thu, 24 Apr 1997 12:06:21 -0700 (PDT) Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA24553; Thu, 24 Apr 1997 12:06:14 -0700 (PDT) Received: (from daemon@localhost) by alpo.whistle.com (8.8.5/8.8.5) id MAA29033; Thu, 24 Apr 1997 12:04:29 -0700 (PDT) Received: from current1.whistle.com(207.76.205.22) via SMTP by alpo.whistle.com, id smtpd029030; Thu Apr 24 19:04:27 1997 Message-ID: <335FAEA4.446B9B3D@whistle.com> Date: Thu, 24 Apr 1997 12:04:04 -0700 From: Julian Elischer Organization: Whistle Communications X-Mailer: Mozilla 3.0Gold (X11; I; FreeBSD 2.2-CURRENT i386) MIME-Version: 1.0 To: Mike Tancsa CC: Jim Shankland , freebsd-isp@freebsd.org, security@freebsd.org Subject: Re: Commercial vs built in firewall capabilities of FreeBSD References: <3.0.1.32.19970424130621.00b82320@sentex.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-isp@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Mike Tancsa wrote: > [...] To go to a new dedicated customer and > say "look, we can give you a unit that will act as your gateway, provide > decent security for your LAN for basically the cost of the hardware, plus > our consulting fee, or you can go with one of these commercial products for > $XXX, and will provide you with YYY features that the other solution wont > give you", gives us that much more flexibility... > > I guess what I am really after in asking these questions is a response like > "FreeBSD + its security software ? No way! You cant protect against XXXXX > attacks... Its crucial!" But so far, I havent seen any show stoppers... > > One thing I have found somewhat suprising in this research project is the > reaction to Microsoft's PPTP RFC, or to be more precise, the lack of > reaction to it. I did a search through Dejanews (for those of you who > havent tried it, check out http://www.dejanews.com), and found absolutely > no mention of in in the FreeBSD mailing lists, or in the newsgroups, and > hardly any mention of it even in comp.unix*... Is it because its a > Microsoft initiative ? > check out www.whistle.com for a FreeBSD based version of what you are talking about. VPNs are not yet implimented and the firewalling is still being improved. but as a drop-in box it does admirably and it's a lot cheaper. >