[Dshield] firewall help request

Mark Tombaugh mtombaugh at alliedcc.com
Fri Oct 3 14:42:05 GMT 2003


On Friday 03 October 2003 01:34 am, Roman Fomichev wrote:
> As I understand, John, you can't do nothing then packet filtering on
> linux. No stateful firewall, no proxing technologies....
> Linux with iptables is good for very low cost solutions or for home
> solution, where two skilled people using opera browser surh the net.
>
> But if you are talking about normal security budget, you need to have such
> solution that can protect you users running IE.
> Cyberguard with proxying technologies or equivalent solutions from other
> vendors

This is absolute fud. Iptables is used extremely effectively on very large 
corporate, governmental , and educational networks, in order to provide 
scalable, stateful, packet filtering within tight budgets, which is why it is 
also found on small home LANs. 

Before you make anymore rifrikindiculous comments like this, educate yourself:
<http://www.netfilter.org/documentation/>
<http://www.linuxsecurity.com/feature_stories/feature_story-148.html>
<http://www.securityfocus.com/infocus/1531>

Budget? Whats a Cyberguard cost these days? Is it per seat licensed like Cisco 
is? 

Less fud more facts please.

(Sorry for the redundant post, I couldnt help myself)

-- 
Mark Tombaugh <mtombaugh at alliedcc.com>
Allied Computer Corporation <http://www.alliedcc.com>
USiHOST, iNC. <http://www.usihost.com>







More information about the list mailing list