Re: Linux box vs black box
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> "Mathias" == Mathias Bocquet <mbocquet@geopost-logistics.com> writes:
Mathias> Hi everyone. This is perhaps off topics, but I'm searching for
Mathias> external opinions about firewalls ;
[cut]
"The most secure system is the one that you understand the best." This
is one of the standard responses in comp.os.linux.security to queries
about which is the most secure OS. (I believe Tim has said that on
c.o.l.s before. I'm surprised his response to your question didn't say
it.)
Even *if* a commercial firewall, or a black box, is more secure right
now, if (when) a security flaw is discovered, would you be able to fix
it? Would you even be told about it?
If you're not confident maintaining a commercial firewall or black box,
then stick with Linux and netfilter/IPTables. You'll probably be more
secure in the long run.
"Security is a process, not a product." (another commonly uttered
phrase in c.o.l.s, and it's probably a quote from someone famous.) Once
you set up your box, whichever option you choose, make sure you keep up
to date. Install the latest security patches. Subscribe to c.o.l.s and
BugTraq.
HTH
- --
____ | -----------------------------------------------------------
| / --+--
| / ___|___ Hubert Chan <hackerhue@geek.com>
| \ | _|_ |
|__| |__|__| PGP/GnuPG fingerprint: 6CC5 822D 2E55 494C 81DD
| | 6F2C 6518 54DF 71FD A37F
| / | \ Key available at wwwkeys.pgp.net.
| / | \
| | <><------------------- http://www.geocities.com/hubertchan/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard <http://www.gnupg.org/>
iD8DBQE7H82jZRhU33H9o38RApaaAKCtj+JjjjoBz/KQhY5UF9YEWQSKdQCgk6m3
mFljKIMU6R2oaLjhvoA3GlM=
=q27R
-----END PGP SIGNATURE-----
Reply to: