North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Security on a home DSL Line
I did that ... too much work. Easier to install an appliance. > -----Original Message----- > From: Sean Figgins [mailto:[email protected]] > Sent: Friday, November 03, 2000 7:33 AM > To: [email protected] > Subject: RE: Security on a home DSL Line > > > > Of course, for those that don't know how to install a OS > without the use of > GUIs, you can always install FreeBSD just about as easily as > Linux, and have > all the security of IPFilter over IPChains... I've used this > method to do > everything from a Dial on Demand NAT gateway, to a full fledged > firewall/router solution. > > Of course, my home network is behind more sophisticated > security now, but > if/when I ever change jobs and network providers, I'll be > going back to the > FreeBSD firewall/NAT method. > > -----Original Message----- > From: [email protected] [mailto:[email protected]]On Behalf Of > Brandon Hume > Sent: Friday, November 03, 2000 9:07 AM > To: [email protected] > Subject: Re: Security on a home DSL Line > > > > >Otherwise, your idea is perfect; Linux or OpenBSD, whichever you're > >more comfortable with, will give you the most flexibility, > and Solaris x86 > >might work but will be dog-slow and unless you have a lot of RAM, > >completely unusuable. > > For such a weakly defined measure of "a lot of RAM", this statement is > inaccurate. Solaris 8 x86 will run comfortably, without X > and superfluous > processes (to say: a rational firewall/NAT box configuration) > within 12M > of RAM. A passing knowledge of Solaris would not let a > person know this to > be true, however, since Sun states its memory requirements on > the assumption > you'd be using X. > > That being said, OpenBSD is probably the best choice. It > requires more > skill > to install, but less skill to secure, and would probably run > better *by > default* on a minimal machine. After that I'd suggest > Solaris, since it > installs less crap than most of the Linux distributions (note: most). > Driver issues might force your hand to the Linuxes, of course. > > I also place OpenBSD and Solaris above Linux because they > both give you the > use of IPFilter, which I believe to be just flat-out superior > to IPChains. > > -- > Brandon Hume - hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/ -> Solaris Snob and general NOCMonkey
|