On Wed, Dec 14, 2005 at 13:31:10 -0500, "Scot L. Harris" <webid@xxxxxxxxxx> wrote: > > For home users one of the cheap Netgear or Linksys routers/firewalls do > a good job. If you want to learn more, setting up a separate box as a > firewall can be good but you will need to spend more time researching > and monitoring such a system than one of the cheap devices mentioned > above. This isn't really necessary. The main advantage of an external firewall protecting one server is to limit what server can send out if it gets compromised. Typically that isn't a huge risk, and if it is I wouldn't trust some cheapo router that could be more vulnerable than the server it is supposed to be protecting. iptables can do a fine job of limiting what services are exposed to the outside.
