"David P. Schwartz" wrote: > > Look around a bit... A good middle-ground if you don't want to fiddle with > setting up and maintaining a full Linux firewall is to get something like a > D-Link 701 or similar LinkSys box. They range in price from $49 .. $199, and I've been running the new Mandrake SNF release for almost a week now and it was a breeze to set up, even ran a painless, pointy-clickie upgrade of ssh and several other packages. I wanted to get squid and squidGuard going before putting the youngun's box on a non-dialup connection. >From the outside, nmap sez this about it: Starting nmap V. 2.54BETA7 ( www.insecure.org/nmap/ ) Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port Interesting ports on : (The 1533 ports scanned but not shown below are in state: filtered) Port State Service 80/tcp open http TCP Sequence Prediction: Class=64K rule Difficulty=1 (Trivial joke) Remote operating system guess: Cisco CacheOS (1.1.0) Nmap run completed -- 1 IP address (1 host up) scanned in 182 seconds Doesn't look an awful lot like a Linux box running squid, squidGuard, Snort, etc. etc. does it? :-) >From the press release: The Single Network Firewall's functionalities are numerous: Packet filtering Proxy Squid: integrated and easy to configure (manually, transparent and/or with authentification) Intrusion detection systems Snort and Prélude. Graphical (web) tools for monitoring the system activity. Logging of network activity, attacks, resources utilisation. Internet acces configuration for analogue and ISDN Modems, LAN and (A)DSL and cable. Integrated DHCP server "port forwarding" Different access restrictions: ingoing traffic,outgoing traffic Filtering URLs ("parental control") Saving of configuration parameters. Updates through the Internet (web-version of Mandrake Update) Based on a secure 2.2.19 kernel Full press release is at http://www.mandrakesoft.com/company/press/pr?n=/pr/products/922 Steve