Randall Oshita wrote:
Feel free to ask any additional questions on any (and/or all) point(s).
--MonMotha

What would be good (above average) specs for a PC hardware Linux router? So hardware would be the BIGGEST difference between a "real" and a Linux router, correct? In terms of security can they be considered similar?

Thanks.
Randall Oshita
I've successfully used a 486 /w 12MB of RAM for a dialup (the 12MB was pushing it tho). I use a K6-2/350 /w 256MB daily for internet access as well as for file serving, etc. The internal NIC is a simple $20 LinkSys thing. The external NIC is some no-name NE2000 PCI clone (only 10Mbit) which is fine for my 2Mbit cable modem. On this topic, I also have a HomePNA card in for a couple systems upstairs to access the LAN (at a whopping 1Mbps!) which Linux bridges onto the normal ethernet. It looks like another switch hop (even speaks spanning tree!). Just another feature lacking on LinkSys routers :).
Security-wise, the Linux box will be more flexible, though not always more secure. Stateful firewalling makes it possible to make more secure rulesets, but it can also leave you open if a bug is found in it. I try to achieve a balance between using the state match and using traditional packet filtering to offset the odd chance that a bug may be found in the connection tracking.
Security is of course dependent on the user as well. It's possible to have a safe the size of Fort Knox, but if you leave the door unlocked it's not going to do much good. Warren gave some good suggestions on the security front too, pointing out the other problem with using a traditional Linux distro: it's a general purpose machine running a general purpose OS. Part of this risk can be lessened by using a custom, special purpose distro, but the potential is still there.
--MonMotha
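
One way to combine the state match with traditional packet filtering as described in the message above. This is an added example, not part of the original post and not MonMotha's ruleset; the interface names, the 192.168.1.0/24 LAN, the blocked ports and the SSH rule are constructed assumptions, and only the filter table is covered (no NAT).

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset in which stateless checks
# run BEFORE the state match, so a connection-tracking bug alone cannot
# admit traffic that the static rules already reject.
# Usage: gen_ruleset EXT_IF INT_IF [LAN_CIDR]   (all values are assumptions)
gen_ruleset() {
    ext_if=$1; int_if=$2; lan=${3:-192.168.1.0/24}
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:STATIC - [0:0]
# --- Traditional filtering: these rules never consult conntrack ---
# Anti-spoofing: LAN and loopback sources cannot arrive on the outside NIC.
-A STATIC -i $ext_if -s $lan -j DROP
-A STATIC -i $ext_if -s 127.0.0.0/8 -j DROP
# Ports that are never exposed externally, whatever conntrack believes.
-A STATIC -i $ext_if -p tcp -m multiport --dports 137:139,445 -j DROP
-A STATIC -i $ext_if -p udp -m multiport --dports 137:139,445 -j DROP
# No inbound services: refuse every outside SYN. Trade-off: this also
# blocks RELATED inbound connections such as active-mode FTP data.
-A STATIC -i $ext_if -p tcp --syn -j DROP
-A STATIC -j RETURN
# --- Every packet passes STATIC first, then the state match ---
-A INPUT -i lo -j ACCEPT
-A INPUT -j STATIC
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $int_if -p tcp --dport 22 -m state --state NEW -j ACCEPT
-A FORWARD -j STATIC
# Forwarded LAN traffic must carry a LAN source address.
-A FORWARD -i $int_if ! -s $lan -j DROP
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $int_if -o $ext_if -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Stand-alone run: print the ruleset for the given (or default) interfaces.
gen_ruleset "${1:-eth0}" "${2:-eth1}"
```

The output can be checked without loading it by piping it to `iptables-restore --test`.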
