-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "Mathias" == Mathias Bocquet <[EMAIL PROTECTED]> writes:
Mathias> Hi everyone. This is perhaps off topics, but I'm searching for Mathias> external opinions about firewalls ; [cut] "The most secure system is the one that you understand the best." This is one of the standard responses in comp.os.linux.security to queries about which is the most secure OS. (I believe Tim has said that on c.o.l.s before. I'm surprised his response to your question didn't say it.) Even *if* a commercial firewall, or a black box, is more secure right now, if (when) a security flaw is discovered, would you be able to fix it? Would you even be told about it? If you're not confident maintaining a commercial firewall or black box, then stick with Linux and netfilter/IPTables. You'll probably be more secure in the long run. "Security is a process, not a product." (another commonly uttered phrase in c.o.l.s, and it's probably a quote from someone famous.) Once you set up your box, whichever option you choose, make sure you keep up to date. Install the latest security patches. Subscribe to c.o.l.s and BugTraq. HTH - -- ____ | ----------------------------------------------------------- | / --+-- | / ___|___ Hubert Chan <[EMAIL PROTECTED]> | \ | _|_ | |__| |__|__| PGP/GnuPG fingerprint: 6CC5 822D 2E55 494C 81DD | | 6F2C 6518 54DF 71FD A37F | / | \ Key available at wwwkeys.pgp.net. | / | \ | | <><------------------- http://www.geocities.com/hubertchan/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard <http://www.gnupg.org/> iD8DBQE7H82jZRhU33H9o38RApaaAKCtj+JjjjoBz/KQhY5UF9YEWQSKdQCgk6m3 mFljKIMU6R2oaLjhvoA3GlM= =q27R -----END PGP SIGNATURE-----
