geekhack Community > Off Topic
firewalls?
bigpook:
Thought I would share this.
I have used a fair amount of linux based firewalls. Astaro, monowall, ipcop, clearos and just recently pfsense. I like them all but Astaro is kind of heavy for what I am doing at the house, monowall is nice and lean but boring, ipcop I ran for the longest time but it is getting long in the tooth. Clearos looked good but to get the full bang you have to pay for it.
For the past 6 months or so I have been running pfsense, 1.2.3 RC2 IIRC and was really happy with it. I went ahead and installed 1.2.3 Release but had issues with the DMZ and port forwarding. I ****ed with it for a day or so but got disgusted.
At least getting out to the internet worked.
So what to do?
I found ipfire on distrowatch and have yet to hear of it. The iso comes in at under 80M so it didn't seem to be a bloated mess.
I installed it and it worked straight away. Has a nice GUI with lots of graphs and port forwarding is trivial. It supports VPN which I need to get working next and has some other nice bells and whistles. Its only been running for an hour so there is still plenty of time for it to crash and burn; but so far it is looking good.
What do you all run as firewalls? Not so much for business, mostly what you run at the house.
EverythingIBM:
I like using Tenebril's security suite. Ghost surf, spy catcher, etc.
Not really sure if it would be considered as a "firewall", but it's pretty good. Ghost surf blocks annoying ads too.
ch_123:
My WRT54G has a firewall built into it, I rely on that.
Rajagra:
Software firewalls running on the PC you use are a huge compromise. They aren't that secure, and they can affect performance. To be honest I just can't be bothered with them. Unless someone can recommend one that is flawless.
I wouldn't be without a NAT router though. Once you've seen logs of how often your IP address is being probed by the outside world you'll never trust a direct connection again.
InSanCen:
ipcop on a mini ITX atom based system, 30GB 1.8" HD, 1GB SO-DIMM.
It's still huge overkill for what goes through it, but the parts were there, might as well give them a use. It is long in the tooth, but it just works.
Navigation
[0] Message Index
[#] Next page
Go to full version