From owner-freebsd-questions Tue Nov 19 1:30:11 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0476937B404 for ; Tue, 19 Nov 2002 01:30:10 -0800 (PST) Received: from wxp.homeip.net (adsl-212-101-16-119.solnet.ch [212.101.16.119]) by mx1.FreeBSD.org (Postfix) with SMTP id 5EEC243E91 for ; Tue, 19 Nov 2002 01:30:08 -0800 (PST) (envelope-from pbrossin@swissgeeks.com) Received: (qmail 31582 invoked by uid 100); 19 Nov 2002 09:30:07 -0000 Received: from 195.49.31.34 ( [195.49.31.34]) as user nitrox@localhost by www.swissgeeks.com with HTTP; Tue, 19 Nov 2002 10:30:06 +0100 Message-ID: <1037698206.3dda049e32874@www.swissgeeks.com> Date: Tue, 19 Nov 2002 10:30:06 +0100 From: Pierrick Brossin To: Avleen Vig Cc: Giorgos Keramidas , Greg 'groggy' Lehey , "freebsd-questions@FreeBSD.ORG" Subject: Re: FreeBSD Easy Server References: <20021119090804.T53207-100000@apple.silverwraith.com> In-Reply-To: <20021119090804.T53207-100000@apple.silverwraith.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 X-Originating-IP: 195.49.31.34 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Errrr.. > The only real benefits you get from a firewall are: > 1) controlling which IP addresses can access a service > 2) *maybe* bandwidth shaping. *maybe*. > 3) packet re-writing. That's all ? I thought the firewall was THE thing to have when you have a server which is running 24 jours a day, 365 days per year! I'm considering myself as a newbie under FreeBSD for the moment so I may be wrong about the next point but what you telling me is that I can restrict access to certain services to certains IPs ? So I would use the config file of each service to say this one can access, let's samba .. this one cant (interfaces=... in smb.conf if I remember correctly). They are Linux (ouch :D) distributions that are only firewall and don't run any other services (like smoothwall if I'm right). So a distribution like this one is superfluous for users like me ? I own swissgeeks.com and need a little bit of security. Got a lot of stuff running on this server and if I'm switching to FreeBSD I have to be sure I won't get hacked, though it's always possible. Let's say I'd like the same security as SME provides me for the moment. As known, 1 year and a half and no problem! This was the story :D Cya To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message