On 02/02/2019 04:28 PM, Dave Howorth wrote:
I've been thinking about security a bit. Most of my home security depends on my ADSL router and especially on the NAT it provides. Now I could try to harden every machine on my network, which I admit would be best practice, but (a) I'm lazy and (b) I've got little control over some of the devices on the network. So I've been wondering about putting another dedicated machine in between my router and my network to make it harder to penetrate. My router also provides my WAN, FWIW.
NAT doesn't provide any security, beyond what a properly configured firewall can do. OpenSUSE has a firewall included, which can be run on every desktop. I also used to use it for my main firewall, but replaced it with pfSense three years ago, as the openSUSE firewall didn't work with DHCPv6-PD, which many ISPs use to provide IPv6. Also, with a separate firewall, you can put your ADSL modem info bridge mode, as you don't need another device providing NAT on IPv4. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org