[lug] Firewall != Linux, Was -> Broadband

D. Duke Smith duke at firstworld.net
Tue Aug 1 07:47:04 MDT 2000 

Chris M wrote:
> 
> >For all those who have or want cable modems or DSL, you should look
> >into using the Linksys BEFSR41 firewall instead of a computer.  Yeah,
> >it's a lot of fun to play around with Linux firewalling and such, but
> >if you want something that firewalls, does DHCP, NAT, port forwarding,
> >etc. for your network AND has a 4-port switch in it for only
> >$160...this is your product!
> 
> Not to mention, Linux is not a firewall.  Linux is Linux, complete
> with thousands of people scouring source code looking for security
> holes so they can hack your box, attack NASA, and Men in Black will
> show up at your door.
> 
> True story.
> 
> If you aren't running a "real" firewall (and we could debate ad
> infinitum how real Linksys is) then you are probably exposed.
> Period.  We recommend an external appliance, maybe the Linksys fits
> your requirements, maybe Watchguard or Sonicwall does.
> 
> >
> >No, this isn't an advertisement for Linksys.  I just cringe when I
> >hear about people using their linux machines to do lots of packet
> >filtering that is unnecessary.
> >
> >Also, if you think for a second that hooking your cable modem directly
> >into your computer is safe, think again.  You've just put your
> >computer straight on the Internet for script kiddies to beat the crap
> >out of.
> >
> >Thus endeth the sermon.
> >
> >--
> >PC Drew
> 
> You could go for another 15 minutes and people will still think that
> their Linux box is a great firewall and how could they possibly be a
> victim.
> 
> *None* of our customers running a commercial firewall have been
> hacked.  Plenty of Linux customers have.
> 
> Chris
> Peak to Peak Internet
> http://www.peakpeak.com
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Hi Chris -

Appreciate your input - I know about members of the Linux order 
of the Unix religion! I'm trying a Linksys (their 4-box monitor/KB/mouse
switches work very well & there are some that dont!) BEFSR11 which 
Amazon sells for $106 (I already have a hub). It's amazing how prices
have come down. I have these 2 Livingston IRX-211's that listed for 
$3200 when I got them (I didn't pay that but a lot more than a hunnerd
bucks), and they're just not worth upgrading. Enny ways, you can always
add more layers to your firewall later - this thing sounds like it 
does basic protection cheaply & simply. I fought for weeks trying to get
Linux working as a gateway even, finally deciding, with much concurrence
even from redhat that my install CD was hosed. I'll post my results
esp if I run into / solve any probs.

Tx agin,

- duke

More information about the LUG mailing list