[clug-talk] RE: Internet Filtering
gustin at echostar.ca
Fri Sep 9 12:48:01 PDT 2005
My P2 400 running linux smokes any of the CISCO gear I have used. Cheap CISCO
usually means old, which is usually bested by commodity hardware. I am also
not sold on the security of IOS. I trust linux and BSD far more (especially
now with SELinux etc).
Its a shame I wasn't involved with CLUG a year ago, I gave a bunch of
routers and switches away.
No trees were harmed in the transmission of this message, however a
of electrons were seriously inconvenienced.
Quoting Shawn <sgrover at open2space.com>:
> These types of firewalls are good for home use. But the moment you start
> hosting servers, and/or adding in content filtering, they begin to become
> unsuitable. Sure you can do some port forwarding, but what if you only want
> to forward port 22, for 3 specific IPs, and block everyone else? The smaller
> boxes usually aren't set up to handle this. They also do not do content
> based filtering of any sort.
> So, they do have their uses, but are not sufficient for what the original
> poster was after (content based filtering). :)
> My IPCop box cost me $0.00. I'm using an old P166 that was given to me, and
> the software was free.. <grins>. That said, I would love to come across one
> of the higher end Cisco IOS routers (hardware router) for dirt cheap -
> hardware routing is SO sweet... But IPCop does everything I need for now,
> and then some...
> My thoughts...
> On Friday 09 September 2005 11:39, Greg King wrote:
>> There is no question that a software based firewall like IP Cop is
>> powerful, but it will never be as cheap as a firewall appliance if you shop
>> For example, my son just bought an SMC firewall / router at futureshop for
>> $4.99 after rebates. The GST on the purchase price put it in around $8.50
>> total cost. The box is the size of a small paperback novel, and is a 4 port
>> 10/100 switch as well. It has a stateful firewall with some port and url
>> filtering. He bought it solely to take to X-box gaming parties but I tried
>> it out as a dhcp server, firewall, and router, and it wasn't bad at all. It
>> operated in almost complete stealth mode according to "Shields up" (one
>> identity port open). The power bill alone for a PC based firewall left
>> running 24x7 for a reasonable amount of time is probably greater than the
>> purchase price of this device, which operates with very low power
>> It's not as interesting to setup/ tweak, but it is very cheap to own and
>> Regards, Greg
> clug-talk mailing list
> clug-talk at clug.ca
> Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
> **Please remove these lines when replying
This message was sent using Echostar Secure Webmail
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: PGP Digital Signature
Url : /pipermail/clug-talk_clug.ca/attachments/20050909/0dfc982e/attachment.bin
More information about the clug-talk