On Jan 19, Damian Bickhoff wrote:
>
> How is this different / better than using opengate or such software? Is
> it just the usual NAT vs application-specific proxies argument?
>
I'm not too sure I understand you question. Opengate (I think uses ipchains
and so kernel 2.2.x) is the same as a usual NAT solution its just that they
have done lots of hardwork in getting the box to more or less set its self up
automagically with all you needing to do it tick a few tick boxes.
If you don't want to setup a firewall by hand, and I mean compiling the
kernels and uses your own hand built iptables/ipchains ruleset then keep with
opengate or their alternatives. If you want to get 'dirty' then 'join us' :)
Thats the difference, as for the advantages, you learn more things and
probably find you will get some more flexibility if you need to (do something
bad) and run a strnage service on the firewall.
I prefer the mannual solutions as you learn more about security as you get
nitty-gritty however some people don't.....its your call
Alex
--
_________________________________________
/ The more laws and order are made \
| prominent, the more thieves and robbers |
| there will be. |
| |
\ -- Lao Tsu /
-----------------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
Attachment:
pgpuEXsEJVfXI.pgp
Description: PGP signature