On Tue, Nov 25, 2003 at 11:24:39AM -0800, Real Cucumber wrote: > Does anyone know if FreeBSD 4.9 can withstand various attacks such as DoS straight > out of the box, or does it require any 3rd party stateful packet firewalls etc.. to > be installed?
Both of the built-in firewall packet filters (ipfw(8) and ipf(8)) feature stateful rulesets. These can protect you against certain types of DoS attacks. Which one you choose is entirely a matter of preference at this sort of level. A well configured FreeBSD box is a very good choice for a firewall system. Plus if you confine the box to doing NAT+packet filtering, you don't need much in the way of horsepower at all to cope with the sort of traffic levels you can get on a cable modem connection. An old pentium with a couple of good NICs should be able to cope. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
Description: PGP signature