Re: firewall: linux vs. freebsd

[Matt Garman <garman@raw-sewage.net>]

On Fri, Feb 22, 2002 at 10:18:03PM -0500, timothy bauscher wrote:
> I am planning on building a firewall here. There is a lot of hype
> about Freebsd being great for firewalls, and books regarding Linux
> firewalls.
> 
> I love Linux, but I believe in finding the best solution for a
> problem. My question is not which OS is better for a firewall, but
> which one you would use (or do use).

I previously used OpenBSD as my firewall, cablemodem gateway, NAT box,
then later as a diald server, etc.  It worked pretty well, and was
relatively easy to setup and configure.  OpenBSD has a good reputation
for being secure and all that (perhaps it's just hype :), and I also
wanted another free Unix to play with.

After a while, though, I got to thinking: security is only as good as
its configuration.  So, even though OpenBSD might be more secure out
of the box than Debian out of the box, my Debian firewall is probably
more secure than my OpenBSD firewall simply because I know the Debian
system better.

One thing I learned from playing with OpenBSD for a while is that
familiarity with one Unix (e.g. Debian Linux) does not a general Unix
admin make (due to subtle difference between Unices).

So... hopefully this hobbyist's experience will help you make your
decision.  In general, I would say the following: if you're a
full-time Unix admin, and you both enjoy and have the time to learn
and understand a new Unix, go with a BSD.  If you don't have the time,
or don't want to fill your mind with the subtleties of two Unices,
stick with Debian.  (I'm sure most would agree that a properly
configured Linux firewall is as safe as any other free Unix's
firewall.)

Good luck!
Matt

-- 
Matt Garman, matt@raw-sewage.net
``I ain't never seen no whiskey, the blues made my sloppy drunk!''
        -- Sleepy John Estes, ``Leaving Trunk''