-
December 8th, 2004, 04:37 PM
#11
Originally posted here by chsh
Not being up on VPNs, wouldn't this be a function of your VPN server, not of the firewall?
Ummm, no not necessarily. Many firewall products terminate VPN conntections and
either use their own authentication database or pass that chore on to another authentication
service like RADIUS.
Well checkout something small like the Nokia IP330 running Checkpoint NG
Out of the box, it crushes any netfilter based product I can think of. Sure you can
probably glue a box together and gain some of the features. If you use a commercial product, you usually have a hard time compiling in new features if the vendor even allows it. If you roll your own, lots of things are possible if you have the time. I just don't have that kind of time.
I think almost all *nix firewalls are capable of being run off read-only media like CD. [/B]
Really. Cool which ones? I would love to check em out..
-
December 8th, 2004, 10:35 PM
#12
/ \\
-
December 8th, 2004, 10:59 PM
#13
.... I have a ZIP drive that allows booting. And what about ZIPSlack? I haven't looked into it because I have no use for it.
-
December 8th, 2004, 11:18 PM
#14
But you could do it on an USB memory stick Unfortunately I don't know of any BIOS that supports booting from an USB device [I'd love to embed Linux on my USB stick ]
Virtually every bios since around 2001 has had the ability to boot from a usb device. If yours doesn't..it's time to flash it.
CHSH: a lot of places build things in to one device..such as ipcop and astaro. They both have a ton of features..vpn/content filter/spam filter/AV/firewall etc..
ss2chef: like chsh..virtually any *nix can do it..but it's not neccesarily the best idea.
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
-
December 8th, 2004, 11:37 PM
#15
Originally posted here by hogfly
ss2chef: like chsh..virtually any *nix can do it..but it's not neccesarily the best idea.
I'm aware it's available and infact I boot knoppix-std from usb drive often.
I was more interested in actual firewall product at market which supports this. Do any exist?
Most Linux/NF based stuff I have seen are stripped down to fit the small footprint.
Usually the 1st things that get ditched are all but the most common drivers and configs.
I have done RAM drive firewalls before.
Hope I am not mis-understood. I like netfilter. But for my clients Enterprise dollar, I prefer to choose
tinker free (my perspective) solutions.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|