[SunHELP] buy firewall router or use SB100 and ipfilter
Stefan Hames
rsh5 at cornell.edu
Wed Sep 9 04:54:13 CDT 2009
Hey Javier,
Yeah. I actually hadn't thought of that. At some point I'm going to
max out that power circuit... 8-( I'd better see what that circuit's
rated. Unfortunately I can only run all Sun and Mac boxes, routers
cable modem, telephone adapter, laser and ink jet printer plus NAS,
etc. on one circuit. I just hope that I never run it all at the same
time. Ooops, air conditioner is rated at 9.85 amps. I'd better look
at the circuit breaker.
Cheers,
Stefan
>Hey Stefan,
>
>We all know it is always cool to use an older hardware for
>firewall,small services,etc.. My question is, is this small
>office/home lan firewall? are you planing to get services like
>anti-spam, web-filtering in the same box as well?
>
>I do have a blade 100 at home which I recently installed openbsd on
>it for openvpn (SSL) tunnels. I also have an old pix 501e which does
>an awesome job. My concern is about the power bill. Next month I
>will decide if I shut the blade box off or not ;-)
>
>Cheers,
>
>Javier
>
>-------- Original-Nachricht --------
>> Datum: Tue, 8 Sep 2009 16:57:11 -0400 (EDT)
>> Von: adh at an.bradford.ma.us
>> An: sunhelp at sunhelp.org
>> Betreff: Re: [SunHELP] buy firewall router or use SB100 and ipfilter
>
>> " From: Stefan Hames <rsh5 at cornell.edu>
>> "
>> " Thanks, Andrew. The SB100 would be the dedicated machine. I've got
>> " two Sun boxes and a couple of Macs on the network behind it. I
>> " figured I'd be lucky to get $100 for the SB100 on eBay, and that's
>> " the price of the routers (actually a bit less...)
>>
>> in that case, your major decider is the ipfilter learning curve. if
>> that isn't a problem, go for it!
>>
>> btw you're probably also better off replacing the stock solaris
>> ipfilter with darren reed's latest, from
>> http://coombs.anu.edu.au/~avalon/ if you aren't already aware.
>>
>> " >From: Stefan Hames <rsh5 at cornell.edu>
>> " >"
>> " >" Hi All,
>> " >"
>> " >" I just wanted to get some opinions on whether to buy one of several
>> " >" brands of "security" routers/firewalls (say Cisco RVS4000) or to use
>> " >" my Sun Blade 100 running ipfilter. The Sun Blade runs at 500 mHz,
>> " >" IIRC, has an 80 gb 7200 Seagate HD, and 1.5 gigabytes of RAM. I have
>> " >" a new Sun 1000 Base-t card I could put in it. I'd like the firewall
>> " >" or SB to fit immediately after my cable modem and before my gigabit
>> " >" ethernet/Nwireless network.
>> " >
>> " >run ipfilter anyways, if you have any net-visible daemons like ssh.
>> " >
>> " >imho you'll be more secure if your computer is -behind- the firewall
>> " >instead of -inside- it; attackers would then have to crack both the
>> " >firewall and ipfilter to get in. this may be excessive if all you
>> " >have is the sb100, but the more you have on your home net the more
>> " >sense a dedicated fw makes.
>> ________________________________________________________________________
>> Andrew Hay the genius nature
>> internet rambler is to see what all have seen
>> adh at an.bradford.ma.us and think what none thought
>> _______________________________________________
>> SunHELP maillist - SunHELP at sunhelp.org
>> http://www.sunhelp.org/mailman/listinfo/sunhelp
>
>--
>GRATIS f|r alle GMX-Mitglieder: Die maxdome Movie-FLAT!
>Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01
>_______________________________________________
>SunHELP maillist - SunHELP at sunhelp.org
>http://www.sunhelp.org/mailman/listinfo/sunhelp
--
========================================================================
Stefan Hames, PhD
Research Associate
Conservation Science
Cornell Laboratory of Ornithology
159 Sapsucker Woods Road
Ithaca, NY 14850
Phone: 607-254-2496 (lab)
607-254-2104 (fax)
607-273-4915 (home)
<mailto: rsh5 at cornell.edu>
========================================================================
More information about the SunHELP
mailing list