[SunHELP] buy firewall router or use SB100 and ipfilter

[Sandwich Maker]

" From: Stefan Hames <rsh5 at cornell.edu>
" 
" Thanks, Andrew. The SB100 would be the dedicated machine. I've got 
" two Sun boxes and a couple of Macs on the network behind it. I 
" figured I'd be lucky to get $100 for the SB100 on eBay, and that's 
" the price of the routers (actually a bit less...)

in that case, your major decider is the ipfilter learning curve.  if
that isn't a problem, go for it!

btw you're probably also better off replacing the stock solaris
ipfilter with darren reed's latest, from
http://coombs.anu.edu.au/~avalon/ if you aren't already aware.

" >From: Stefan Hames <rsh5 at cornell.edu>
" >"
" >" Hi All,
" >"
" >" I just wanted to get some opinions on whether to buy one of several
" >" brands of "security" routers/firewalls (say Cisco RVS4000) or to use
" >" my Sun Blade 100 running ipfilter. The Sun Blade runs at 500 mHz,
" >" IIRC, has an 80 gb 7200 Seagate HD, and 1.5 gigabytes of RAM. I have
" >" a new Sun 1000 Base-t card I could put in it. I'd like the firewall
" >" or SB to fit immediately after my cable modem and before my gigabit
" >" ethernet/Nwireless network.
" >
" >run ipfilter anyways, if you have any net-visible daemons like ssh.
" >
" >imho you'll be more secure if your computer is -behind- the firewall
" >instead of -inside- it; attackers would then have to crack both the
" >firewall and ipfilter to get in.  this may be excessive if all you
" >have is the sb100, but the more you have on your home net the more
" >sense a dedicated fw makes.
________________________________________________________________________
Andrew Hay                                  the genius nature
internet rambler                            is to see what all have seen
adh at an.bradford.ma.us                       and think what none thought