On Thu, 2009-06-04 at 14:10 -0700, Eric Shubert wrote: > Yes, any distro can certainly be configured as a firewall. > > The primary advantage I see in using a "firewall distro" is that it's > just plain easier, meaning that you don't need as high a level of > expertise in order to make it work. Personally, I'd rather let the > people who do IPCop worry about the intricacies of iptables and other > aspects of firewall functionality (i.e. VPNs). There's also less of a > chance of me screwing something up that way. Using a tailored distro is > a way to leverage OPK (Other People's Knowledge). Why re-invent the > wheel? Then again, if you're comfortable and proficient with iptables > and OpenVPN (or IPSec or whatever), I expect you'd be perfectly > comfortable "rolling your own".
I see where you're coming from on that but for some reason (probably because I don't really know what I'm talking about) running a specialty distro like IPCop with a web interface and potentially outdated packages just seems like it would open the door for all sorts of security issues to me, the same reason I don't like to use LFS, it's hard to stay on updates. Anybody who understands the security aspects better than I do have an opinion on the security implications of running IPCop, pfsense, ect. vs making your own router from Debian, Gentoo, ect?
--------------------------------------------------- PLUG-discuss mailing list - [email protected] To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
