Hi, If I have a large network with high profile hosts (50+ shell servers, 50 or more different ircds running) am I wasting my time trying to hack and tweak a FreeBSD host-based firewall running ipfw ?
I am getting hammered by a different (D)DoS attack every single day - it's always something new. I am thinking of buying a netscreen, but on the other hand I really like FreeBSD, I really like a host-based firewall, and I hate to admit defeat. So do any of those efnet servers use a FreeBSD firewall ? Are there people out there that know what they are doing to such a degree that they can successfully use a host-based FreeBSD system to firewall high profile network targets ? Or is it generally accepted that if you have that kind of targets on your network that you just have to get an appliance - that is, even if the guy that wrote ipfw and knows the fbsd kernel inside and out still wouldn't even try to make that work ? OR, would a very expert FreeBSD developer and network code guy scoff at "wasting money" on a netscreen or PIX, knowing that if you really knew what you were doing you could do it all with a fbsd host-based firewall with ipfw ? Any comments appreciated. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message