scottkeen
join:2001-06-05
Kailua Kona, HI
| reply to kksdragons
Re: Resurrect an old PC as a firewall?
I've set up a Linux SmoothWall before too. But, in the end I decided to go with a dedicated hardware firewall, in particular the ZyWALL-1 (which is a true firewall, not a router).
I think what sets firewalls apart from the "blocking" capabilities of routers are basically the ability to:
1) block incoming as well as outgoing ports
2) block certain types of content (i.e. Javascript or ActiveX) from incoming and outgoing
3) program rules for ports and IP addresses
4) protect from DoS, SYN Flood, LAND Flood, Ping of Death, and other types of attacks
5) SPI - Stateful Packet Inspection. Verify that the packet of data coming in is from someplace on the LAN that originated it.
Now, a firewall is just a firewall. It's not a router. Some firewalls having routing abilities and even include built-in switches, like the ZyWALL which is a hardware firewall, routes, and has a built-in 4-port switch. And only $130 bucks.
I don't know enough about SmoothWall to say if it has all the hardware firewall capabilities that dedicated hardware firewalls have. |
