> Setting aside general Linux enthusiasm and advocacy, does anyone
> really think that there's a good reason to use Linux for a firewall? I
> (personally) like ipfilter on OpenBSD, both because ipfilter is Damn
> Fine Stuff and because OpenBSD is treated like a real OS in terms of
> releases, revisioning and code review.
Much of security is about the environment. If you're familiar and
comfortable with OpenBSD, then perhaps that is your best solution. There's
often more things than security that need to be taken into consideration
before you can make your decision.
> To take the example below - RH 6.2 is r00table out of the box and
> ipchains is not stateful. RH 7 had problems, so they rushed 7.1.
Well, all distros were afflicted with the problem. RH62 can use iptables
too, just get a 2.4 kernel running on it.
> I'd love to have some faith that iptables was cool and ready for
> primetime, since ipchains on Linux did more than anything else I can
> think of to raise awareness about solid, free firewalls (oh, the
> irony!) - but I still have many reservations.
We at Guardian Digital have recently released EnGarde Secure Linux, a
distribution of Linux engineered from the ground up with specific regards
to security. It provides a great deal of additional security improvements
above and beyond what you would normally find in a Linux distribution,
cryptography, improved access control methods, secure web-manageable DNS
and email management, certificate/CSR management, Web-based Tripwire,
snort, AllCommerce, and more.
Perhaps it'll provide the level of confidence in Linux and security you're
looking for in a firewall:
http://www.engardelinux.org
Regards,
Dave
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
