Re: not ipcop?

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Darrin Chandler
Date:  
To: Main PLUG discussion list
Subject: Re: not ipcop?
OpenBSD for a firewall makes all kinds of sense. It's incredibly secure,
right out of the box. It comes standard with many network daemons that
are very useful. Really, the security and networking stuff that comes
standard with OpenBSD make it difficult to beat. You can do a default
install and leave it on the internet and go on vacation and come back to
an uncompromised box. It's also fairly lean, so it'll run fine on old
hardware.

The only reason I didn't recommend it before on this thread is that
you're all familiar with Linux, and administering/securing/maintaining
an OS you know well is better than borking up something you're not
familiar with.

If you're looking for a point&click or web-config firewall then don't
bother with OpenBSD. If you don't mind the command line, editing config
files in a text editor, etc., then OpenBSD makes a *wonderful* edge box.

On Fri, Jan 18, 2008 at 05:43:50AM -0700, Michael Havens wrote:
> BSD? WHy would you recomend that over Clark Connect?
>
> On Thursday 17 January 2008 12:39 am, Mike Storke wrote:
> > I'm surprised not one of you mentioned OpenBSD.
> >
> > Mike
> >
> > --- Matrix Mole <> wrote:
> > >
> > > Michael Havens wrote:
> > > | so which do you all recomend?
> > > |
> > > |>> I do appologize for not being specific enough. I mean as a
> > >
> > > dedicated
> > >
> > > |>> firewall. I was looking at the distrowatch you pasted for me and
> > >
> > > it
> > > seems
> > >
> > > |>> as if ipcop is the only one I know anything about; however, I was
> > > |>> intrigued with Devil-Linux
> > > |>> (http://distrowatch.com/table.php?distribution=devil)
> > > |>> (http://www.devil-linux.org/home/index.php). Does anyone have any
> > > |>> experience with this?
> > > |>
> > > |> IPCop is very good. I don't have experience with Devil-Linux.
> > >
> > > I personally don't have any experience with a specific
> > > Firewall/router
> > > Linux distro, but here's a few options:
> > >
> > > eBox - http://www.ebox-platform.com/
> > > Gibraltar - http://www.gibraltar.at/
> > > ClarkConnect - http://www.clarkconnect.com/
> > > Coyote Linux - http://coyotelinux.com/
> > > Devil Linux - http://www.devil-linux.org/home/index.php (already
> > > mentioned)
> > > ipcop - http://www.ipcop.org/ (also already mentioned)
> > > Sentry Firewall CD - http://www.sentryfirewall.com/
> > > Smoothwall - http://www.smoothwall.org/
> > > Endian - http://www.endian.com/
> > > FreeSco the Single Floppy firewall/router unit -
> > > http://www.freesco.org/
> > > ZeroShell - http://www.zeroshell.net/eng/
> > >
> > > Although each of those distros appears to be designed specifically
> > > around the idea of firewall and/or router functionality, any linux
> > > box
> > > with iptables support compiled into the kernel could function as a
> > > proper firewall. I have a gentoo box operating as my router/firewall
> > > unit at the moment. If you want to add IDS support, then snort would
> > > be
> > > an excellent addition to the mix. I looked into Smoothwall briefly
> > > but
> > > never managed to get it working, although I think that's partially
> > > because I wasn't really interested in the project at the time.
> > >
> > > Hope that provides you some help.
> > >
> > > Matrix Mole
> > >
> > > ---------------------------------------------------
> > > PLUG-discuss mailing list -
> > > To subscribe, unsubscribe, or to change your mail settings:
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> >
> > ___________________________________________________________________________
> >_________ Be a better friend, newshound, and
> > know-it-all with Yahoo! Mobile. Try it now.
> > http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
> >
> > ---------------------------------------------------
> > PLUG-discuss mailing list -
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>


-- 
Darrin Chandler            |  Phoenix BSD User Group  |  MetaBUG
   |  http://phxbug.org/      |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG Federation
---------------------------------------------------
PLUG-discuss mailing list - 
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss