"David P. Schwartz" wrote:
>
> Look around a bit... A good middle-ground if you don't want to fiddle with
> setting up and maintaining a full Linux firewall is to get something like a
> D-Link 701 or similar LinkSys box. They range in price from $49 .. $199, and
I've been running the new Mandrake SNF release for almost a week now and
it was a breeze to set up, even ran a painless, pointy-clickie upgrade
of ssh and several other packages. I wanted to get squid and squidGuard
going before putting the youngun's box on a non-dialup connection.
>From the outside, nmap sez this about it:
Starting nmap V. 2.54BETA7 ( www.insecure.org/nmap/ )
Warning: OS detection will be MUCH less reliable because we did not
find at least 1 open and 1 closed TCP port
Interesting ports on <censored> :
(The 1533 ports scanned but not shown below are in state: filtered)
Port State Service
80/tcp open http
TCP Sequence Prediction: Class=64K rule
Difficulty=1 (Trivial joke)
Remote operating system guess: Cisco CacheOS (1.1.0)
Nmap run completed -- 1 IP address (1 host up) scanned in 182 seconds
Doesn't look an awful lot like a Linux box running squid, squidGuard,
Snort, etc. etc. does it? :-)
>From the press release:
The Single Network Firewall's functionalities are numerous:
Packet filtering
Proxy Squid: integrated and easy to configure (manually,
transparent and/or with authentification)
Intrusion detection systems Snort and Prélude.
Graphical (web) tools for monitoring the system activity.
Logging of network activity, attacks, resources utilisation.
Internet acces configuration for analogue and ISDN Modems, LAN and
(A)DSL and cable.
Integrated DHCP server
"port forwarding"
Different access restrictions: ingoing traffic,outgoing traffic
Filtering URLs ("parental control")
Saving of configuration parameters.
Updates through the Internet (web-version of Mandrake Update)
Based on a secure 2.2.19 kernel
Full press release is at
http://www.mandrakesoft.com/company/press/pr?n=/pr/products/922
Steve
(text/plain)