Rick, buddy ole pal...if I had the money, I'd go with a seperate router and
firewall solution...
Linksys routers are nice...I've witnessed a few things that make me raise my
eyebrow concerning their combos, including the recent security issue with
them sending password cleartext over the wire
(
http://hypoclear.cjb.net/hypo_linksys_advisory.txt)
Anyway...it's kinda like buying a stereo system. Generally, you'd want to
buy the components seperately. You get the best quality that way, compared
to buying that Pioneer rig at Wal-Mart that has the DVD/CD/AM-FM/Speakers
All-In-One package all built in...if you're a serious audiophile, you'd go
to a nice custom rig shop and do it the professional way, right?
In my opinion, buying "combo" routers/firewalls are the same way...
Here's an example. Since I happen to break into machines for a living at my
place of employment, I've witnessed tales of being able to send 2K byte
pings through a "combo" firewall/router when that router (supposedly) was
explicitly denying all ICMP traffic. Come to find out, we were able to set
off Black Ice, which happened to be running on a workstation behind that
"combo" firewall/router. If it had done its job, (OR, if it had been a nice
Cisco, supplemented with a nice firewall) those ICMP packets would've never
came through--hence, Ice would've never been set off...
My point? IF (and that's always a big IF) you have the dough to spare, and
you're as paranoid and silly as me, then buy a small Cisco (or comparable
router) and a small firewall, and do it that way.
Of course, money is almost always a concern, unless you're Bill Gates or the
late Sam Walton...=)
My $0.05...=P
--
/*
* Woody Hughes, MCP
* Systems Engineer
* Lyris Technologies
* ---------------------------
* woody@thewoodman.org
*
http://www.thewoodman.org */
----- Original Message -----
From: "Rick Lapp" <rlapp@erols.com>
To: <netfilter@lists.samba.org>
Sent: Saturday, August 04, 2001 5:03 AM
Subject: Linux vs Linksys router decision?
> For several years, we've run our home network on Linux/RH 5.x, 6.x and
> currently 7.1. It has served as a reliable web, print, and file server to
a
> dial-up ISP. Recently we switched to a cable provider and at the same
time
> picked up a very inexpensive Linksys router which is currently serving as
> our firewall rather than using Linux with internal and external NICs. My
> question is now whether or not to remove the router and let Linux do the
> routing and firewall tasks with iptables. Will the 350Mhz / 64Mb Linux
box
> running two 10/100 NICs be faster or more secure than the Linksys router?
> We typically run 3 to 5 workstations with a fair amount of gaming and MP3
> downloading.
> Rick
> rlapp@erols.com
>
>
>