RE: suggestions on a good firewall

My only problem with iptables is I've experienced a problem with it running on Red Hat 7.0 - AS 2.1 where it will just stop analyzing packets and just pass em on through until I restart the service. A rep at Red Hat support said this was due to the use of a depreciated driver (eepro100) well if it's deprecated and you know you have a better one then go ahead and not make that the default on install! So I changed the driver for my NIC to use ee100 instead, a better driver, but alas it this error/bug/over sight/exhaustion still took place...I've resorted to just creating a cron job to restart the start the service ever so often. It took weeks before it happened...This has since fixed my problem...Although there is a .05 sec moment of being vulnerable I guess....

At one of my office's we switched to using Watch Guard. Seems like a pretty nice product. Softwall looked like a viable option as well. My only problem was they were not in the US and I have a problem with not having easy to enforce laws backing my relationship with a company if there was ever a problem.

Jon Pastore RHCE, President
IDE Tech, Inc.
(954) 360-0393 Office
(954) 428-0442 Fax

-----Original Message-----
From: Daniel R. Miessler [mailto:danielrm26@hotmail.com] Sent: Wednesday, May 21, 2003 12:05 AM
To: security-basics@securityfocus.com
Subject: RE: suggestions on a good firewall

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Please get a real Firewall use OpenBSD and PF

You can't go wrong with Linux and IPTABLES either (unless you misconfigure it). :) If you are not manually oriented, check out Astaro at www.astaro.com. It's a top-notch product, and I don't believe any of the more popular firewall distros even come close to it. It's also free for home use - in case you are wondering.

• -Daniel Miessler

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

iQA/AwUBPsr641Jwf7WiYT5vEQKftgCfenZwtt70IoRrB2ByrdNpzHrVpjMAoNAM y2QGW9+Ro41dOaRLndGjMZIY
=RRug
-----END PGP SIGNATURE-----

---
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check
Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register
Now! --UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
------------------------------------------------------------------------
----




---------------------------------------------------------------------------
----------------------------------------------------------------------------