Results 1 to 5 of 5

Thread: Can these LiveCD Firewall Solutions be trusted?

  1. #1
    Junior Member
    Join Date
    Jan 2006
    Posts
    24

    Can these LiveCD Firewall Solutions be trusted?

    Hi,

    I'm in the process of securing my home network. I have come across a great solution: firewall livecd. This solution is advantageous for several reasons. However, I am concerned about whether or not they can be trusted.

    There is m0n0wall, Sentry Firewall, redWall Firewall, among others. Can the binaries provided by this software be trusted?

    My concerns are there have been backdoors planted somehow. I mean, I don't have the time or knowledge to analyze the source code for vulnerabilities. Moreover, by going with a solution like this it is up to the maintainers to update any vulnerabities found in the packages included.

    Is it better to just roll your own OS, and sign up to the mailing list where they list the currently known bugs?

    Thanks for any insight!

    stonee

  2. #2
    Junior Member
    Join Date
    Feb 2006
    Posts
    8
    Check out Astaro Security Gateway. They are a commercial firewall vendor that sells the firewall software as well as appliances. SC Magazine gave their product 5 stars, and I've been using it in my home network for nearly a year.

    http://www.astaro.com/firewall_netwo...security_facts

    You can get a free home use license for up to 10 IP addresses.

    http://www.astaro.com/firewall_netwo...curity_license

  3. #3
    Junior Member
    Join Date
    Jan 2006
    Posts
    24
    But then my paranoia is just redirected towards their company. Can I then trust their software?

  4. #4
    Junior Member
    Join Date
    Feb 2006
    Posts
    8
    Originally posted here by stonee
    But then my paranoia is just redirected towards their company. Can I then trust their software?
    If you are going to be that paranoid, then code your own firewall.

    There is a difference between practicing good security and being ridiculous.

    Astaro is commercial vendor, they are out to make a profit. Putting backdoors in would seriously compromise their reputation and cause financial damage to them.

    Besides, the product is ICSA certified.

    http://www.icsalabs.com/icsa/docs/ht...pdf/astaro.pdf

  5. #5
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Try Smoothwall or IP Cop (Astaro is supposedly based on this last one). Both are open source linux solutions that are regularly patched and updated.

    Can they be trusted? Sure, as much as anyone. If you still have trust issues, code your own as
    mkofron suggests, or find someone else to code it. Then, if you have someone else code it, you can brick the programmer into a secret room and no one will ever know what you're running.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •