* Kevin Coyner <[EMAIL PROTECTED]> [29-10-2002 13:15]: > I have a standalone commerical SOHO router (SMC7008ABR) that should do > for the firewalling and IP masquerading (at least I hope so. pls tell > me if these are insufficent relative to a good Linux box). I was > actually wondering if I really need 2 routers to do it right - one to be > the first firewall and provide a route to a yellow zone that hosts a > website (low volume, not slashdotesque) and then a second router behind > the first that setups up a LAN for the 6 users in a green zone. Is this > overkill and will one router suffice?
If you use a router with three NICs you could create three zones. I use a Sparcstation as gateway/firewall. I want to have some services available to the outside world, but am prohibited by the lack of expansion options on the Sun. Getting network equipment for Sun is expensive. So unless you already have three NICs on the Sun I can't recommend using that machine as a firewall. Personally I am still hoping to find one of those Sbus cards with three (or more?) network interfaces for a good price. Maybe the ss20 has more Sbus slots, but getting an Sbus NIC on Ebay is at least ten times more expensive than getting a couple of PCI NICs. If you want to tinker, the Sun is great. If you power on the machine and make a serial connection to another internet connected machine, you can literally install an os from the other side of the world on the Sun. That is nice. I can't comment on the security aspects of the various options you have. I think (hope) that I am safe running a Linux firewall, but I don't have much to protect. If I had to shield sensitive information, I'd need to start reading. When I need something available to the outside world, I temporarily open my firewall to a local service. Safest and best practice and tinkering don't always go happily hand in hand ;) Bob -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
