Re: Firestarter VS Shorewall

To: debian-user@lists.debian.org
Subject: Re: Firestarter VS Shorewall
From: "Jordi" <acero_64@yahoo.com>
Date: 3 Mar 2007 05:06:15 -0800
Message-id: <[🔎] 1172927175.915336.285940@30g2000cwc.googlegroups.com>
In-reply-to: <7UzlL-4D8-1@gated-at.bofh.it>
References: <[🔎] 20070301210532.GD6261@santiago.connexer.com> <[🔎] 1172838677.951224.115000@j27g2000cwj.googlegroups.com> <[🔎] 1172767270.013349.33550@z35g2000cwz.googlegroups.com> <[🔎] 20070301171801.GA3065@santiago.connexer.com> <[🔎] 1172771402.727917.52300@30g2000cwc.googlegroups.com> <[🔎] 20070301184504.GA4107@santiago.connexer.com> <[🔎] 1172779001.621895.178860@k78g2000cwa.googlegroups.com> <[🔎] 20070301204541.GA21215@toystory.lan> <[🔎] 20070303080836.GA30492@yan.jynn.tonix.org> <[🔎] 20070303100425.GA16538@toystory.lan>

Thanks for the links

I asked in the Ubuntu forum too and they say me that it may be
unnecessary to combine hardware firewall and software firewall
(iptables or any other that uses it).
But they said I can do, if I am paranoid.
And as you said, the correct place to stop an intruder is BEFORE they
cross the router.

As has been said in all these conversations here in Debian and Ubuntu,
we could resume:
- A hardware firewall is better than a software firewall.
- You can convine software and hardware firewall.
- But if you do that, you won't get a fantastic improvement on
security.
- All software firewalls use iptables, but some allow extra features.
- To have a good hardware firewall buy a good router-switch or a
specific hardware device.

If something is wrong please correct me.

In order to find a good router with firewall I saw this in the pc
shop:
http://www.smc.com/index.cfm?event=viewProduct&localeCode=EN_USA&pid=1588
It is the 7904WBRA2 of the company named SMC Networks.
The text says this:
---------
The SMC7904WBRA2 combines an ADSL2/2+ modem, router, 4-port 10/100 LAN
switch, 802.11g wireless access point & robust SPI firewall making it
the complete solution for securely connecting & sharing your high
speed ADSL connection, wired or wirelessly. It gives you instant
always on internet connectivity with download speeds up to 24Mbps -
ideal for streaming multimedia content to the home. The EZ
Installation Wizard with on-screen help configures your ADSL
connection & wireless network in 5 easy to follow steps. Quality-of-
Service gives priority to real-time, delay sensitive applications like
Voice-over-IP and video-on-demand to improve the user experience. The
NAT firewall with Stateful Packet Inspection (SPI), Intrusion
Detection System (IDS) & Denial-of-Service (DoS) provides robust
security from hackers. VPN pass-through is also provided for securely
connecting to your office or corporate network.
---------
It seems it has good protection: hardware firewall, IDS and protection
against DoS. It is thought both for personal and corporate use. Seems
good.
Should I buy this router-modem-switch ?

So long,

Jordi

Reply to:

Follow-Ups:
- Re: Firestarter VS Shorewall
  - From: John Hasler <jhasler@debian.org>

References:
- Re: Firestarter VS Shorewall
  - From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: Firestarter VS Shorewall
  - From: "Jordi" <acero_64@yahoo.com>
- Firestarter VS Shorewall
  - From: "Jordi" <acero_64@yahoo.com>
- Re: Firestarter VS Shorewall
  - From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: Firestarter VS Shorewall
  - From: "Jordi" <acero_64@yahoo.com>
- Re: Firestarter VS Shorewall
  - From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: Firestarter VS Shorewall
  - From: "Jordi" <acero_64@yahoo.com>
- Re: Firestarter VS Shorewall
  - From: Franck Joncourt <franck.joncourt@wanadoo.fr>
- Re: Firestarter VS Shorewall
  - From: David Hart <debian@tonix.org>
- Re: Firestarter VS Shorewall
  - From: Franck Joncourt <franck.joncourt@wanadoo.fr>

Prev by Date: Two identical usb networking cards problem
Next by Date: Re: Icedove does not save unsent messages to the Unsent Messages folder
Previous by thread: Re: Firestarter VS Shorewall
Next by thread: Re: Firestarter VS Shorewall
Index(es):
- Date
- Thread