[Dshield] "Personal Firewalls" are mostly snake-oil

Gene Bradford geneb at columbus.rr.com
Mon Jul 22 17:01:33 GMT 2002

> JS> A home-built, single purpose firewall/router: an ASUS P55TP4N mobo
> JS> running a Pentium 150mhz, 96Mb RAM; running Linux 2.2.14-5.0; ipchains
> JS> 1.3.9; snort 1.8.7 build 128; p0f 1.8.2; and Psionic's PortSentry and
> JS> LogCheck.
> Costing many times more than a software, requiring knowledge of an OS
> that no home user will ever touch or upgrade. You are exactly like the
> mechanic that changes the brakes on his car for bigger ones while
> looking down on "mundane" who can't do the same, taxing them of "not
> being aware of the basic of security".

Now here's where _I_ beg to differ.  I'm currently running a 486 DX2/80 system 
with 32 megs of RAM and a 2.4 Gig HDD as my firewall/NAT machine.  The OS is 
Red Hat 6.2 which cost me nothing but the time to d/l it and burn it to CD.  
The cost of the machine was exactly nothing since it was given to me.  Total 
cost thus far: 40 cents for the CDs.  I don't know about you but I sure 
can't purchase Norton's Personal Firewall for 40 cents.  Nor can I purchase 
Zone Alarm Pro for that price.  Nor any other piece of commercial firewall 

As for "...an OS that no home user will ever touch or upgrade..." obviously 
you've either never used Linux or believe the M$ propaganda.  Either way, 
you're missing out on a lot of fun.  And I'm a typical home user who *does* 
apply the needed patches and upgrades.  (With a _real_ OS you don't need to 
spend half your life applying patches.)  >:)

In closing, I'd also like to add that I've not been breached in the 
approximately three years I've used my "home brew" firewall.  Not bad if you 
ask me.

Have a good one...Gene

