[Linux4christians] Firewalls for Linux?
pastordavid at bibleseven.com
Mon Jun 16 15:26:15 EDT 2008
One interesting option for an office environment is
multiple OS's on unusual hardware.
One guy used a Sun workstation, then a Linux box then
whatever MS version of windows he was running - made
it real hard for someone to get past all three!
Still, if someone insists upon downloading unchecked
packages from the internet, or from cd/sd/USB stick,
etc. they will eventually successfully find a way
around any hardware or software protection.
As a systems manager years ago it was already a
challenge and all of the rules and protection one
tried couldn't defend 100% against carelessness.
The best defense was well-enforced rules with
strong consequences - e.g. discipline that may
include a fine for the resources necessary to fix
the avoidable problem (had the user followed the
Imperfection is a nuisance!
>> You don't mention if these users/computers that you have to support
>> are on the same network or not but for a minimal outlay you could
>> purchase a router (with a built in firewall) and put that between the
>> computers and the internet. Greg Slade
>> I have a home network behind a LinkSys router and 'Shields Up' give a
>> clean bill of health to the firewall - everything is running in
>> 'stealth mode'.
> Actually, firewall appliances (actually, "Unified Threat Management"
> appliances) are something I'm also investigating, but because it's not,
> strictly speaking, a Linux issue (even though, as far as I can tell,
> virtually every UTM appliance runs some implementation of Linux), I
> didn't want to bother you guys with it. I would need to run more than
> Shields Up, though. The Matousec site runs something like 73 different
> threats past the firewall software they test.
> However, even assuming that I could find a totally bulletproof (and
> affordable) appliance, that would only world for offices, or remote
> workers like me, with a zooful of testbed machines (9, at last count.)
> The vast majority of field workers are using notebooks, and on the road
> a lot, so they don't need anything more to pack into their bags. (Not
> even Yoggie's little dongles.) A software firewall is definitely the
> best option for them.
> But thank you for raising the issue. It's good to have you "backstop" my
Be blessed as God blesses others through you! Pastor David
Senior Associate Pastor
First Baptist Church of Spring Hill, FL
Personal Site: http://bibleseven.com
Sent Using: ChurchPup-Linux
More information about the Linux4christians