
Thread: Firewall recommendation

  1. #1
    Senior Member
    Join Date
    Aug 2001
    Posts
    117

    Firewall recommendation

    Hi all,

    Does anyone have a recommendation for a $500 - $700 firewall appliance?

    I am looking for a perimeter firewall for my 5 IP addresses. I want to use it to filter all my IPs for common exploits and IP ranges that I would like to block.

    I have a NetScreen 5GT, but I use it for a single IP address and I would like to keep it that way.

    Thanks for any feedback and if my message is a little non-descriptive, let me know and I can add some detail.
    Luck--TSM
    Atlanta, GA


  2. #2
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    Space For Rent.. =]

  3. #3
    Senior Member DeadAddict's Avatar
    Join Date
    Jun 2003
    Posts
    2,583
    I would give this document a look; it has a list of firewalls:
    http://www.securityfocus.com/infocus/1750

  4. #4
    Senior Member
    Join Date
    Jul 2001
    Posts
    343
    I do not know what you are doing with what I think is 5 routable IP addresses
    but personally I use an old-fashioned NAT router and use non-routable IP
    addresses.... better security... I have several companies do it that way...
    The biggest problem is the damned viruses and spyware being sent
    around via e-mail or HTTP....
    Linksys has been making a very good NAT router for years....
    Franklin Werren at www.bagpipes.net
    Yes I do play the Bagpipes!

    And learning to Play the Bugle

  5. #5
    Senior Member
    Join Date
    Jan 2003
    Posts
    274
    Heh...Firewalls.

    A large portion of my job is managing our PIXes. I, however, run a regular old Linux box with two NICs and IPTABLES on my home network. Truth be told, I think my firewall would stand up to an attack at least as well if not better than my PIXes any day. I've tried to demonstrate to my boss the concept.....but they're Cisco bigots. /shrug. If they want to pay for it.....I'll manage it.

    My home firewall is an old P II 266 with 128mb of RAM running a very customized version of Slackware 8.0. It works wonderfully.

    There is an excellent book on using IPTABLES out there....for the life of me, I can't remember the author right now. If you are comfortable enough with protocols to be looking to seriously manage a firewall though, it's pretty easy to pick up.

  6. #6
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    thread_killer

    That sounds similar to my home net. I have an old 500 box with Smoothwall in it and I have a lot of confidence in it as well. Smoothwall is a stripped down RH with snort and easily config'd. IPTables!

    cheers
    Connection refused, try again later.

  7. #7
    Senior Member
    Join Date
    Aug 2001
    Posts
    117
    Thanks for all the feedback.

    I do use iptables on my Linux box and I love it. I think it's pretty secure, but I am not always so confident in my work. I have a great book for iptables, it's a Linux security book, the title escapes me as well.

    I am really leaning toward a Linux box maybe with OpenBSD and using iptables to filter out the ranges I don't want.

    Does anyone have any experiences with SOHO? I also looked at them...

    The NAT idea works as well, I will use that for my LAN, but I have some IPs that I lease to folks.
    Luck--TSM
    Atlanta, GA


  8. #8
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    741
    threadkiller, if you do happen to remember the name of the book I would really enjoy knowing what it is... I would like to invest some time into learning iptables. Thanks Spy
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click here

  9. #9

  10. #10
    Personally I use OpenBSD 2.9 and IPF on an older machine... (I think it's a P3)... We've never had someone manage to break in. And it's fast enough that you'd never know it was handling the traffic for a dozen or so PCs.

    We also use similar setups at work, only better hardware...

    -_LeeBkr311_-
