Re: Linux firewall vs Windows and Hardware based firewalls
On Thu, 31 Jul 2003 16:11:14 +1000
"Andre Volmensky" <AndreV@datcom.com.au> wrote:
> Hello all,
> I have to put forward an argument to management regarding setting up a
> firewall on some of our clients networks.
> What are the advantages of a linux firewall over something like
> Windows with WinRoute on it, or even a hardware based firewall. What
> are the disadvantages etc. I know I am asking on a linux users mailing
> list, but I would also like reply's not to be too bias.
Everything I've ever read indicates that a hardware-based firewall is
more secure and reliable than an PC operating system, be it Linux or
Windows. A PC OS has to be complex because it has so many functions to
perform, but that adds potential security holes and one can never close
them all. Furthermore, Intel-based PCs have some well-known exploits
(such as buffer overflows) which are a function of the hardware and
there is no real cure because changing the CPU instructions would break
backward compatibility. By contrast, a router operating system is very
simple and designed to do only one thing, and the hardware (which has no
moving parts) is more reliable and uses far less electricity than a PC.
A Linux-based firewall is probably good enough for the average home
hobbyist, but in a professional environment it doesn't pay to "save
money" by recycling an old PC with Linux installed in place of a router.