Re: SuSEfirewall2 and network devices

From: David Wright (david_c_wright_at_hotmail.com)
Date: 07/11/04 

Date: Sun, 11 Jul 2004 13:00:58 +0200

Kevin Nathan wrote:

> On Sat, 10 Jul 2004 19:13:21 -0400
> jab3 <manual@helpdesk.org> wrote:
>
>> it doesn't have Stateful Packet Inspection, which from
>> what I understand is a big part of a hardware firewall. Am I
>> mistaken? Do you think I still have enough protection? (i.e. from
>> syn flooding, DoS attacks, etc)
>
> If you are not serving webpages from your box, or any other server app,
> then you probably don't need to worry too much. I basically have
> everything shut down on the firewall and only open ports when I *need*
> to, like for TeamSpeak server and, eventually, Apache for webpages (but
> that will have to wait for a box with a little more horsepower!).
>
> I am *not* a firewall or security expert, so consider the source of this
> info! :-) If I'm way out to lunch, someone will say so. I just haven't
> seemed to have any problems . . . :-)
>
>

Same here, and I have friends running IPCop and Smoothwall and they down
have any problems either.

If you are going for a stateful inspection hardware firewall, I reckon the
device will be costing upwards of $500, most of them seem to be for
enterprises and ISP's and the prices often run into $k's and are designed
for "small networks" of upto 250/500 computers, which is way out of a home
or small business league...

Dave

Relevant Pages