To my knowledge, all it is is a glorified NAT device. I am not aware that it
offers any kind of protection other than NAT.
I use GNATBox light for my home. It's free and runs quite well on a 486 with
30 MB of RAM, which can be bought on ebay for $20. The only complaint I have
is that it doesn't do DHCP Server functions (but can use DHCP on the
interfaces as a client), and of course, with the Light version I think I am
restricted to 5 outbound and 4 inbound connections at a time. I have had it
audited a couple of times by a buddy of mine who is a security dude for one
of the local companies in town, and he wasn't able to do much to it. The
only stuff he saw was what was configured (i.e. port 80 open, etc.) and he
was unable to exploit it. That said, it was hardly an exhaustive test...
much more of a "how do I match up against the script kiddies, and 'casual'
hackers out there" kind of test.
I have also heard good things about SonicWall as well as the GNATBox full
product. Both can be had for about $250 IIRC.
www.gnatbox.com
www.sonicwall.com
HTH
Wes Noonan, MCP+I/MCSE/MCT/CCNA/NNCSS
Senior QA Rep
(713) 918-2412
BMC Software, Inc.
[EMAIL PROTECTED]
http://www.bmc.com
-----Original Message-----
From: Lance Ecklesdafer [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 12, 2000 12:05
To: [EMAIL PROTECTED]
Subject: LinkSys 4-Port Router
Hello all,
I have been reading about this Linksys product that provides limited
firewall functionality and routing for a four-node private network. I am not
sure if this product can offer good security for a casual home network. I
have not seen a detailed specifications list or documentation for this
product. The only thing I know about this product is that it uses NAT which
does not make it a firewall. What kind of interface is there for configuring
this device? Does this device support VPN connections through a Checkpoint
or other IPSEC firewall? I am thinking that you would also need to load
software based protection on the internal workstations to provide for a
better level of security. How is this product at resisting SYN floods, UDP
and TCP scans and traceroute mapping of the internal private network? Does
anyone have any feedback here?
TIA,
Lance
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
