> On Wed, 02 May 2001, Hiemstra, Brenno spewed into the ether:
> > An OS where a hardware based firewall runs on isn't
> > like the same as an OS that runs on a SUN.
> An OS is an OS. There have been plenty of issues with IOS and other
> such OSs as well (See BUGTRAQ). If you want a secure machine, try
> OpenBSD or a Trusted *nix, or something better for your firewall.
>
> > You must do a lot more effort on securing Solaris
> > then on an OS that runs on a PIX or Nokia.
> More work for Solaris, how much for OpenBSD?
Ideally I'd use FreeBSD as that is what all our other servers run. I guess
if I turned all the services off except ssh, and just used IPFW it would be
pretty secure.
> Not flame, but the biggest advantage hardware firewalls have is their
> speed.
Well - as long as it can deal with 2-10Mbps with simple packet piltering
rules on a PIII 800 (or something like that) then it'll do just fine... what
do you think?
-Rob
--------------------------------
http://www.robhulme.com
http://www.christianunion.org.uk
"...and scantily clad females, of course. Who cares if it's below zero
outside." -- Linus Torvalds
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
