On Tue, Nov 25, 2003 at 11:24:39AM -0800, Real Cucumber wrote: > Does anyone know if FreeBSD 4.9 can withstand various attacks such as DoS straight > out of the box, or does it require any 3rd party stateful packet firewalls etc.. to > be installed?
Both of the built-in firewall packet filters (ipfw(8) and ipf(8))
feature stateful rulesets. These can protect you against certain
types of DoS attacks. Which one you choose is entirely a matter of
preference at this sort of level.
A well configured FreeBSD box is a very good choice for a firewall
system. Plus if you confine the box to doing NAT+packet filtering,
you don't need much in the way of horsepower at all to cope with the
sort of traffic levels you can get on a cable modem connection. An
old pentium with a couple of good NICs should be able to cope.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgp00000.pgp
Description: PGP signature
