On Fri, Oct 15, 2004 at 14:40:28 +0100, VJ <vj@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > Scot, > Thanks a lot for your advice. I am now thinking whether I should go for > some boxed firewall or not. I used to think Linux was secure enough. I > have my IPtables DROP by default and just opening the required holes > (HTTP and SMTP) to let these services be used from outside world. I do > not let my family login as root. Only I am the boss of the machine. The > only reason I got a bit worried was that I am using this machine as my > development/tinkering/playing(MythTV etc) machine + FIREWALL, with other > machine (XP) being used by my wife. The advantage of a separate hardware firewall is that it is an inexpensive computer, it contains less software and so is less prone to getting hacked itself. The advantage of using a linux box is that you have more control over the software being used. Bugs can be fixed and there is a smaller chance of backdoors in open source software. (Some firewall/routers have special passwords to allow customer support to easily help people reset the boxes. Law enforcement also has interest in seeing backdoors in these boxes.) There are some hardware firewalls that have linux running on them that you can get images for. You lose the ease of configuration in that you have to do more work to get the box set up, but you still get the inexpensive separate hardware box.
