Hi everyone, Just wanted to add another glitch I had building my smoothwall router. After having spent a day working on smoothwall by myself and then having a friend help me work on it for a couple of half days, we were never able to get smoothwall working properly. We could login remotely from the lan and not be able to ping/see the wan; or we could login directly on the machine (in root) but still be able to ping/see the wan. We could just not get everything to work at the same time. We occationally tried other firewall/router distro's including: pfsense (freebsd), SME server, and eBox (ubuntu based), however, IPfire_2.3 (another Smoothwall spin-off) worked on the first try. We never got around to trying IPcop. Thanks, IPfire. - MatthewMPP Stephen wrote: > And I still use an asa for my network :-) > > > On 4/28/09, Dale Farnsworth wrote: > >> Eric Shubert wrote: >> >>> Alex Dean wrote: >>> >>>> On Apr 27, 2009, at 1:24 PM, Eric Shubert wrote: >>>> >>>> >>>>> Mark, >>>>> >>>>> I have a couple old e-machines that I made into IPCop firewall/routers, >>>>> and have been decommissioned for a while (they were virtualized). >>>>> >>>> Do you mean you virtualized your firewall? >>>> >>> Yep. >>> >>> >>>> Doesn't that create a risk >>>> that other VMs on the same hardware host might be exposed to nasty stuff >>>> >>>> which arrives at the firewall? >>>> >>> I don't think so. The VM host isn't addressable/accessible on the >>> outside/red interface. The only thing that 'sees' outside traffic is the >>> IPCop VM. >>> >>> I could be wrong, but it appears safe enough to me. >>> >> It is only as safe as VMware is secure. If code can break out of a >> VM and begin running on the host, all bets are off. >> >> As Ken Thompson pointed out in "Reflections on Trusting Truse", you >> already have to trust everyone who developed the hardware, firmware >> and software you are running. Running in a virtual machine instead >> of on bare hardware means you have to also trust the developers of >> the VM host (hypervisor) software. >> >> I'm not saying that it isn't worth it; I use VMs every day. >> >> -Dale >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> > > --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss