[32004] in North American Network Operators' Group
Re: Security on a home DSL Line
daemon@ATHENA.MIT.EDU (Joe Shaw)
Thu Nov 2 21:57:09 2000
Date: Thu, 2 Nov 2000 20:50:52 -0600 (CST)
From: Joe Shaw <jshaw@insync.net>
To: "J. Gilmore" <reece0011@yahoo.com>
Cc: nanog@merit.edu
In-Reply-To: <20001102233823.22147.qmail@web206.mail.yahoo.com>
Message-ID: <Pine.GSO.4.21.0011022044340.8916-100000@vellocet.insync.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
I've got a Pentium 100 running OpenBSD 2.7, setup with two nics in
bridging mode with ipfilter. It required no re-addressing of my existing
network and works quite well. I personally like it more than any of the
desktop firewalls. I've got a 3Mbps cablemodem (downstream is actually
UHF instead of cable plant with an ISDN wired return), and it handles
all the traffic with no problem.
I'd reccomend this setup over the desktop firewall packages. They
generally don't report enough information to effectively track offenses
down. With an *BSD or Linux box you get a lot more tools to help you,
like tcpdump, ethereal, snort, etc.
--
Joseph W. Shaw
Sr. Network Security Specialist for Big Company not to be named because I
don't speak for them here. I have public opinions, and they don't.
On Thu, 2 Nov 2000, J. Gilmore wrote:
>
> I'm looking to beef up security on a home DSL line.
> Currently I am using ZoneAlarm (the freeware version).
> I'm thinking of taking an old Pentium 120, and
> setting that up as a firewall, but wanted to know if
> anyone else had a better idea.
