[SunHELP] buy firewall router or use SB100 and ipfilter

Javier Augusto javier.augusto at gmx.net
Tue Sep 8 16:09:16 CDT 2009 

Hey Stefan,

We all know it is always cool to use an older hardware for firewall,small services,etc..  My question is, is this small office/home lan firewall? are you planing to get services like anti-spam, web-filtering in the same box as well?

I do have a blade 100 at home which I recently installed openbsd on it for openvpn (SSL) tunnels. I also have an old pix 501e which does an awesome job. My concern is about the power bill. Next month I will decide if I shut the blade box off or not ;-)

Cheers,

Javier

-------- Original-Nachricht --------
> Datum: Tue, 8 Sep 2009 16:57:11 -0400 (EDT)
> Von: adh at an.bradford.ma.us
> An: sunhelp at sunhelp.org
> Betreff: Re: [SunHELP] buy firewall router or use SB100 and ipfilter

> " From: Stefan Hames <rsh5 at cornell.edu>
> " 
> " Thanks, Andrew. The SB100 would be the dedicated machine. I've got 
> " two Sun boxes and a couple of Macs on the network behind it. I 
> " figured I'd be lucky to get $100 for the SB100 on eBay, and that's 
> " the price of the routers (actually a bit less...)
> 
> in that case, your major decider is the ipfilter learning curve.  if
> that isn't a problem, go for it!
> 
> btw you're probably also better off replacing the stock solaris
> ipfilter with darren reed's latest, from
> http://coombs.anu.edu.au/~avalon/ if you aren't already aware.
> 
> " >From: Stefan Hames <rsh5 at cornell.edu>
> " >"
> " >" Hi All,
> " >"
> " >" I just wanted to get some opinions on whether to buy one of several
> " >" brands of "security" routers/firewalls (say Cisco RVS4000) or to use
> " >" my Sun Blade 100 running ipfilter. The Sun Blade runs at 500 mHz,
> " >" IIRC, has an 80 gb 7200 Seagate HD, and 1.5 gigabytes of RAM. I have
> " >" a new Sun 1000 Base-t card I could put in it. I'd like the firewall
> " >" or SB to fit immediately after my cable modem and before my gigabit
> " >" ethernet/Nwireless network.
> " >
> " >run ipfilter anyways, if you have any net-visible daemons like ssh.
> " >
> " >imho you'll be more secure if your computer is -behind- the firewall
> " >instead of -inside- it; attackers would then have to crack both the
> " >firewall and ipfilter to get in.  this may be excessive if all you
> " >have is the sb100, but the more you have on your home net the more
> " >sense a dedicated fw makes.
> ________________________________________________________________________
> Andrew Hay                                  the genius nature
> internet rambler                            is to see what all have seen
> adh at an.bradford.ma.us                       and think what none thought
> _______________________________________________
> SunHELP maillist  -  SunHELP at sunhelp.org
> http://www.sunhelp.org/mailman/listinfo/sunhelp

-- 
GRATIS f|r alle GMX-Mitglieder: Die maxdome Movie-FLAT!
Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01

More information about the SunHELP mailing list