On Mon, 2004-02-02 at 10:41, Felipe Leon wrote:
Hello list, I'm about to take an old P1 166 MHz with a 2GB harddisk and two nics, and install smoothwall on it to connect my home network to the internet. I previously was connecting my home network to my dsl provider via a d-link broadband router with "built in" firewall. My questions are: Im I increasing greatly my security by doing this? which pro's and contra's could have this? The thing I can think of is that the d-link router is a dedicated simple piece of hardware not highly configurable (therefore without too high risk of dangerous misconfigurations) while with the old pentium running smoothwall the risk for misconfigurations is higher and Im not sure that for a simple home network such as mine it would be a risk worth to take. It would be nice to hear your opinions.
Thanks a lot,
Felipe.
Hello Felipe: Don't know what smoothwall is, so I'll refrain from commenting on it. I'm assuming that the 166 machine is to be firewall/router only. I do have expirience with diferent linux based firewalls, and here the more salient points for your case: FWBUILDER (http://www.fwbuilder.org) is IMHO the best GUI for building firewalls there is! (Although they say there is a very expensive firewall that is supposed to be as good). fwbuilder is not a firewall, but an iptables (etc...) script builder. Do yourself a favor, check it out. FLOPPYFW (http://www.zelow.no/floppyfw/) is a full linux firewall / router which boots from a floppy. Running under the moto: "The less there is running the less there is to attack!" The entire linux/firewall runs in ram (and therefor is fast), and is only booted from floppy. Both together make for a real nice setup. The confortable GUI running on your linux workstation, which writes to the floppy that boots you firewall. Others: There is a USB version of FloppyFW, but I seriously doubt that your 166 has bootable usb bios! Jerry Westrick.