OpenBSD for a firewall makes all kinds of sense. It's incredibly secure, right out of the box. It comes standard with many network daemons that are very useful. Really, the security and networking stuff that comes standard with OpenBSD make it difficult to beat. You can do a default install and leave it on the internet and go on vacation and come back to an uncompromised box. It's also fairly lean, so it'll run fine on old hardware. The only reason I didn't recommend it before on this thread is that you're all familiar with Linux, and administering/securing/maintaining an OS you know well is better than borking up something you're not familiar with. If you're looking for a point&click or web-config firewall then don't bother with OpenBSD. If you don't mind the command line, editing config files in a text editor, etc., then OpenBSD makes a *wonderful* edge box. On Fri, Jan 18, 2008 at 05:43:50AM -0700, Michael Havens wrote: > BSD? WHy would you recomend that over Clark Connect? > > On Thursday 17 January 2008 12:39 am, Mike Storke wrote: > > I'm surprised not one of you mentioned OpenBSD. > > > > Mike > > > > --- Matrix Mole wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > > Hash: SHA1 > > > > > > Michael Havens wrote: > > > | so which do you all recomend? > > > | > > > |>> I do appologize for not being specific enough. I mean as a > > > > > > dedicated > > > > > > |>> firewall. I was looking at the distrowatch you pasted for me and > > > > > > it > > > seems > > > > > > |>> as if ipcop is the only one I know anything about; however, I was > > > |>> intrigued with Devil-Linux > > > |>> (http://distrowatch.com/table.php?distribution=devil) > > > |>> (http://www.devil-linux.org/home/index.php). Does anyone have any > > > |>> experience with this? > > > |> > > > |> IPCop is very good. I don't have experience with Devil-Linux. > > > > > > I personally don't have any experience with a specific > > > Firewall/router > > > Linux distro, but here's a few options: > > > > > > eBox - http://www.ebox-platform.com/ > > > Gibraltar - http://www.gibraltar.at/ > > > ClarkConnect - http://www.clarkconnect.com/ > > > Coyote Linux - http://coyotelinux.com/ > > > Devil Linux - http://www.devil-linux.org/home/index.php (already > > > mentioned) > > > ipcop - http://www.ipcop.org/ (also already mentioned) > > > Sentry Firewall CD - http://www.sentryfirewall.com/ > > > Smoothwall - http://www.smoothwall.org/ > > > Endian - http://www.endian.com/ > > > FreeSco the Single Floppy firewall/router unit - > > > http://www.freesco.org/ > > > ZeroShell - http://www.zeroshell.net/eng/ > > > > > > Although each of those distros appears to be designed specifically > > > around the idea of firewall and/or router functionality, any linux > > > box > > > with iptables support compiled into the kernel could function as a > > > proper firewall. I have a gentoo box operating as my router/firewall > > > unit at the moment. If you want to add IDS support, then snort would > > > be > > > an excellent addition to the mix. I looked into Smoothwall briefly > > > but > > > never managed to get it working, although I think that's partially > > > because I wasn't really interested in the project at the time. > > > > > > Hope that provides you some help. > > > > > > Matrix Mole > > > -----BEGIN PGP SIGNATURE----- > > > Version: GnuPG v1.4.5 (Darwin) > > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > > > > > iD8DBQFHjvOLNtosHRPp48MRApLAAJ9nYZJcA0BX91HYKbyLomA84kQcgwCbB5Ci > > > V4vWAP7DcHadGDl/u7mWTYE= > > > =mzXM > > > -----END PGP SIGNATURE----- > > > --------------------------------------------------- > > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > > To subscribe, unsubscribe, or to change your mail settings: > > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > > > ___________________________________________________________________________ > >_________ Be a better friend, newshound, and > > know-it-all with Yahoo! Mobile. Try it now. > > http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ > > > > --------------------------------------------------- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change your mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- Darrin Chandler | Phoenix BSD User Group | MetaBUG dwchandler@stilyagin.com | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss