[H-GEN] Best Easy Firewall
Robert Brockway
robert at timetraveller.org
Mon May 6 09:16:56 EDT 2002
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
On 6 May 2002, rodney wrote:
> [ Humbug *General* list - semi-serious discussions about Humbug and ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
> Hello,
>
> Which Firewall is the best , secure and easy for setting ?
Hmm...an excellent question. Alot of them do more or less the same things
(as long as they are stateful). I like Linux's Iptables but have used
Checkpoint's FW-1 to good effect. FW-1 has a nice gui (and I believe you
can get _at least_ one for Iptables as well). Don't let a nice gui lull
you into thinking that you don't have to be careful with a firewall setup
though (I'm sure you know this but I want to reiterate it).
If you intend to setup your own firewall I'd get the advice of a more
experienced person as it is all too easy to make a bad assumption about
firewall rules and leave a system more open than it should be or block
something that is needed (case in point: ICMP blocking). Meetings can be
good for this.
If you're using Linux, don't use Ipchains. It is deprecated and should go
sometime in the 2.5 series. Iptables is the replacement and superior.
Is this for Linux, *BSD, or some other OS?
Cheers,
-Rob
-- Robert Brockway B.Sc. email: robert at timetraveller.org ICQ: 104781119
Linux counter project ID #16440 (http://counter.li.org)
blake: up 116 days, 21:43, 9 users, load average: 1.06, 1.01, 1.00
"The earth is but one country and mankind its citizens" -Baha'u'llah
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list