-
July 23rd, 2004, 08:33 PM
#1
Senior Member
Firewall recommendation
Hi all,
Does anyone have a recommendation for a $500 - $700 firewall appliance?
I am looking for a perimeter firewall for my 5 ip addresses. I want to use it to filter all my ip's for common exploits and ip ranges that I would like to block.
I have a netscreen 5gt, but I use it for a single ip address and I would like to keep it that way.
Thanks for any feedback and if my message is a little non-descriptive, let me know and I can add some detail.
-
July 23rd, 2004, 08:36 PM
#2
-
July 23rd, 2004, 10:47 PM
#3
I would give this document a look; it has a list of firewalls:
http://www.securityfocus.com/infocus/1750
-
July 23rd, 2004, 11:00 PM
#4
I do not know what you are doing with what I think is 5 routable IP addresses
but personally I use an old-fashioned NAT router and use non-routable IP
addresses.... better security... I have several companies do it that way...
The biggest problem is the damned viruses and spyware being sent
around via e-mail or http....
Linksys has been making a very good NAT router for years....
Franklin Werren at www.bagpipes.net
Yes I do play the Bagpipes!
And learning to Play the Bugle
-
July 24th, 2004, 12:05 AM
#5
Heh...Firewalls.
A large portion of my job is managing our PIXes. I, however, run a regular old linux box with two NIC's and IPTABLES on my home network. Truth be told, I think my firewall would stand up to an attack at least as well if not better than my PIXes any day. I've tried to demonstrate to my boss the concept.....but they're Cisco bigots. /shrug. If they want to pay for it.....I'll manage it.
My home firewall is an old P II 266 with 128mb of RAM running a very customized version of Slackware 8.0. It works wonderfully.
There is an excellent book on using IPTABLES out there....for the life of me, I can't remember the author right now. If you are comfortable enough with protocols to be looking to seriously manage a firewall though, it's pretty easy to pick up.
-
July 24th, 2004, 01:50 AM
#6
thread_killer
That sounds similar to my home net. I have an old 500 box with Smoothwall in it and I have a lot of confidence in it as well. Smoothwall is a stripped down RH with snort and easily config'd. IPTables!
cheers
Connection refused, try again later.
-
July 26th, 2004, 05:17 AM
#7
Senior Member
Thanks for all the feedback.
I do use iptables on my linux box and I love it. I think it's pretty secure, but I am not always so confident in my work. I have a great book for iptables, it's a Linux security book, the title escapes me as well.
I am really leaning toward a linux box maybe with openBSD and using iptables to filter out the ranges I don't want.
Does anyone have any experiences with SOHO? I also looked at them...
The NAT idea works as well, I will use that for my LAN, but I have some ip's that I lease to folks.
-
July 26th, 2004, 07:24 AM
#8
threadkiller, if you do happen to remember the name of the book, I would really enjoy knowing what it is... I would like to invest some time into learning iptables. Thanks, Spy
Duct tape.....A whole lot of Duct Tape
Spyware/Adaware problem click here
-
July 26th, 2004, 08:34 AM
#9
-
July 26th, 2004, 05:46 PM
#10
Member
Personally I use OpenBSD 2.9 and IPF on an older machine... (I think it's a p3)... We've never had someone manage to break in. And it's fast enough that you'd never know it was handling the traffic for a dozen or so PC's.
We also use similar setups at work only better hardware...
-_LeeBkr311_-