I prefer a real linux host for a firewall over the linksys boxes anyday.
Things that you can do on a linux host:
1. You can install proxies that help translate protocols that don't nat
well such as a H.323 gateway and socks.
2. You have very fine control over what the firewall blocks and how it
works.
3. You have more advance nat features available.
4. IP sec support without paying cisco tax.
5. You get tcpdump and/or ethereal on your firewall.
6. Much better logging support with the ability to write a script to
search for keywords or generate reports that can be mailed to you.
7. You can run snort or some other ids if you want to keep an even
closer eye on your traffic.
8. You can run traffic analysis using mrtg or another tool.
9. It has perl. (That ones for you Arthur!!!)
10. You can add as many network interfaces as you want.
I could go on, but thought I would point out that there is still plenty
of reason to have a real host for this job.
schu
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Jun 21 10:16:40 2004
This archive was generated by hypermail 2.1.8 : Mon Jun 21 2004 - 10:16:43 AKDT