[wellylug] Corporate Firewall options
Simon Canning
scanning at paradise.net.nz
Wed Jul 7 18:54:08 NZST 2004
On Wednesday 07 July 2004 11:38, Jamie Dobbs wrote:
> Work need to replace their firewall by the end of the year. We currently
> use a Watchguard Firebox II, and its OK but not a great piece of kit.
> I'm looking for some other options as we don't want to be forced to stick
> with Watchguard. I kind of like the look of Smoothwall and adding the VPN
> options but wonder what experience/ideas people have on that as an option
> and what other options there might be.
If you are interested in VPN then Smoothwall 2 is definitely worth looking at.
The current version has quite a few good features. It now allows you to drop
ICMP and also has the ability to allow you to add IP addresses to a drop
list. Something that is particularly good if someone decides to scan your
ports.
I currently have Smoothwall running on a P1/166 with 128Mb RAM which has been
running for ten days. I upgraded to Smoothwall 2 in January and have
experienced no problems.
Personally I think version 2 has a much better feature set than IPCop and
better stealth characteristics. Apart from port 113 showing up as closed, all
other ports are hidden. (I currently have Smoothwall as my first firewall,
with IPCop as a secondary firewall.)
If you are going to look at something for debian you could check out Zorp, a
proxy firewall available from http://www.balabit.com which looks quite
interesting.
Regards
Simon
More information about the wellylug
mailing list