Re: simple stand-alone firewall
On Sat, 24 Mar 2012 07:02:42 +0000, Russell L. Harris wrote:
> From the standpoint of protection of a LAN (two or three machines) for
> a home or home office, how effective is a firmware-based firewall/router
> in comparison with a software-based stand-alone firewall/router?
I'd say even the SPI and firewall capabilities of most home/soho DSL
routers will be enough for that environment.
> Is either significantly better than the other?
That will depend on the appliance.
> I am thinking in terms of devoting an old computer (200 MHz Pentium) to
> the task of firewall/router. In years past (back in the dark epoch when
> I was running Window$), I discovered SmoothWall while struggling with a
> DSL line with PPPoE.
>
> After downloading a small CD ISO image from the SmoothWall web site, it
> took me less than an hour to install and configure SmoothWall. With
> SmoothWall, it was not necessary for the user to study the subject of
> firewall configuration -- the default SmoothWall configuration was
> perfectly adequate for most users.
>
> I quit using SmoothWall several years ago, when a friend gave me a
> firmware firewall/router and convinced me that I ought to make the
> transition, simply for the economy in terms of desktop space and
> electricity. And I no longer have the curse of PPPoE.
>
> But now I think that it might be prudent to return to a devoted machine
> and software, and I would much prefer to use a Debian package instead of
> SmoothWall.
A dedicated machine managed by a complete SO and iptables is usually
better than anything, when it comes to security, of course. The problem
is that you have to waste power, space and time to configure it properly.
> Is there a good firewall application in Debian which provides a secure
> default configuration? Or must I learn how to configure a firewall?
You must learn how to configure a firewall but there some tools that can
help you with the task:
http://wiki.debian.org/Firewalls
Greetings,
--
Camaleón
Reply to: