On Tuesday 02 December 2003 06:33, Sid Boyce wrote:
I wonder how current the commercial boxes are, especially with updates when vulnerabilities are discovered.
Exactly right, Sid. For the price of a second NIC ($5 at a flea market) you can protect your entire net with any of your Linux boxes and never even notice the load. Even an old machine you might consider junking has enough gas to pass packets as fast as your cable modem or DSL can deliver them. I use an old Pentium 120 for this - running headless (no monitor) over in the corner, and manage it with ssh.

Most of these firewall/routers are running some long obsolete version of Linux, and many are not upgradeable. They are far more hackable than the companies lead you to believe, and have been frequently shipped with commonly known passwords.

In the process you will have to learn at least a smattering of things about iptables (shorewall makes it child's play), DHCP server setup, and that's about all that is necessary. The rest is optional.

The only thing the commercial boxes have going for them is they are getting so cheap ($30-$80) that those too busy to learn can still use them. But "too busy to learn" does not sound like a Linux user.

--
_____________________________________
John Andersen