[SunHELP] buy firewall router or use SB100 and ipfilter

Sandwich Maker adh at an.bradford.ma.us
Tue Sep 8 15:57:11 CDT 2009

" From: Stefan Hames <rsh5 at cornell.edu>
" Thanks, Andrew. The SB100 would be the dedicated machine. I've got 
" two Sun boxes and a couple of Macs on the network behind it. I 
" figured I'd be lucky to get $100 for the SB100 on eBay, and that's 
" the price of the routers (actually a bit less...)

in that case, your major decider is the ipfilter learning curve.  if
that isn't a problem, go for it!

btw you're probably also better off replacing the stock solaris
ipfilter with darren reed's latest, from
http://coombs.anu.edu.au/~avalon/ if you aren't already aware.

" >From: Stefan Hames <rsh5 at cornell.edu>
" >"
" >" Hi All,
" >"
" >" I just wanted to get some opinions on whether to buy one of several
" >" brands of "security" routers/firewalls (say Cisco RVS4000) or to use
" >" my Sun Blade 100 running ipfilter. The Sun Blade runs at 500 mHz,
" >" IIRC, has an 80 gb 7200 Seagate HD, and 1.5 gigabytes of RAM. I have
" >" a new Sun 1000 Base-t card I could put in it. I'd like the firewall
" >" or SB to fit immediately after my cable modem and before my gigabit
" >" ethernet/Nwireless network.
" >
" >run ipfilter anyways, if you have any net-visible daemons like ssh.
" >
" >imho you'll be more secure if your computer is -behind- the firewall
" >instead of -inside- it; attackers would then have to crack both the
" >firewall and ipfilter to get in.  this may be excessive if all you
" >have is the sb100, but the more you have on your home net the more
" >sense a dedicated fw makes.
Andrew Hay                                  the genius nature
internet rambler                            is to see what all have seen
adh at an.bradford.ma.us                       and think what none thought

More information about the SunHELP mailing list