[SunRescue] dsl advice

[John Lengeling]

Gregory Leblanc wrote:
> 
> > -----Original Message-----
> > From: BSD Bob the old greybead BSD freak
> > [mailto:bobkeys at weedcon1.cropsci.ncsu.edu]
> > Sent: Wednesday, August 09, 2000 9:14 AM
> > To: rescue at sunhelp.org
> > Subject: Re: [SunRescue] dsl advice
> >
> > > > Are there any issues with machine speed in using an older
> > sparc as a
> > > > gateway?  I was thinking of doing something similar, and
> > have available
> > > > things like an IPX or an SS2, or maybe a DEC 3000 that I
> > could use.
> > > > What are the pros and cons of using older slower
> > equipment as gateways
> > > > for the home net, at the usual home connect speeds one is
> > likely to get
> > > > these days?
> > >
> > > I use an IPX running Redhat 5.2.  It performs flawlessly, I
> > never touch
> > > it.  More than enough speed.
> >
> > Are there any security issues in using Redhat vs Openbsd for
> > this particular
> > kind of gateway application?
> 
> I doubt it, assuming that you're keeping up with patches.  My RedHat
> firewall doesn't run anything except the firewall software, so it should be
> pretty hard to break, unless there is a flaw in the kernel someplace.  I'm
> planning to move over to OpenBSD soon, but that's mostly because I'm hoping
> to add some functionality, not for increased security.  OpenBSD ships
> secure, RedHat can be made secure.  I don't think that OpenBSD out of the
> box is any more secure than a well locked down Linux machine.

I would argue that OpenBSD is more secure since they do not allow code
into the source tree until 
it has had a through security audit.  I think that OpenBSD's security
track record speaks for itself.

Also run snort on your firewall for intrusion detection.

>  And I
> certainly like the way that RedHat works better than those weird BSD things.
> :-)
>         Greg
> _______________________________________________
> Rescue maillist  -  Rescue at sunhelp.org
> http://www.sunhelp.org/mailman/listinfo/rescue