On Wed, 6 Jun 2001, [EMAIL PROTECTED] wrote:
> Dear List members
>
> I want to put a firewall between a particular Unix box and the rest of
> the college network.
Seems reasonable enough...
> I have a 'spare' 166 pentium pc with two network cards & 2gb hard
> disk.
[snip}
> Two questions.
> 1) Have I totally misunderstood the smoothwall system?
Dunno, never used it.
> 2) what would list members recommend to allow the PC to do the
> job I require.
I'd chose to deply NetBSD/IPFilter in that scenerio.
>
> By the way I want a physical firewall rather than using the
> Access.deny/access.allow files as it keeps 'them' that one step
> away from the system.
You really should use "as well as", not "rather than"- defense in depth is
a very important concept.
Depending on the Unix flavor, you could also run the packet filtering
software on the machine itself- that saves having to secure another box,
but means having all your eggs in one basket.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
