[32017] in North American Network Operators' Group
Re: Security on a home DSL Line
daemon@ATHENA.MIT.EDU (Brandon Hume)
Fri Nov 3 10:12:38 2000
From: Brandon Hume <hume@Den.BOFH.Halifax.NS.Ca>
Message-Id: <200011031506.LAA14830@Den.BOFH.Halifax.NS.Ca>
To: nanog@merit.edu
Date: Fri, 3 Nov 2000 11:06:53 -0400 (AST)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
>Otherwise, your idea is perfect; Linux or OpenBSD, whichever you're
>more comfortable with, will give you the most flexibility, and Solaris x86
>might work but will be dog-slow and unless you have a lot of RAM,
>completely unusuable.
For such a weakly defined measure of "a lot of RAM", this statement is
inaccurate. Solaris 8 x86 will run comfortably, without X and superfluous
processes (to say: a rational firewall/NAT box configuration) within 12M
of RAM. A passing knowledge of Solaris would not let a person know this to
be true, however, since Sun states its memory requirements on the assumption
you'd be using X.
That being said, OpenBSD is probably the best choice. It requires more skill
to install, but less skill to secure, and would probably run better *by
default* on a minimal machine. After that I'd suggest Solaris, since it
installs less crap than most of the Linux distributions (note: most).
Driver issues might force your hand to the Linuxes, of course.
I also place OpenBSD and Solaris above Linux because they both give you the
use of IPFilter, which I believe to be just flat-out superior to IPChains.
--
Brandon Hume - hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
-> Solaris Snob and general NOCMonkey
