On Wed, 6 Jun 2001, hrobinson@harper-adams.ac.uk wrote: > Dear List members > > I want to put a firewall between a particular Unix box and the rest of > the college network. Seems reasonable enough... > I have a 'spare' 166 pentium pc with two network cards & 2gb hard > disk. [snip} > Two questions. > 1) Have I totally misunderstood the smoothwall system? Dunno, never used it. > 2) what would list members recommend to allow the PC to do the > job I require. I'd chose to deply NetBSD/IPFilter in that scenerio. > > By the way I want a physical firewall rather than using the > Access.deny/access.allow files as it keeps 'them' that one step > away from the system. You really should use "as well as", not "rather than"- defense in depth is a very important concept. Depending on the Unix flavor, you could also run the packet filtering software on the machine itself- that saves having to secure another box, but means having all your eggs in one basket. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts@patriot.net which may have no basis whatsoever in fact." - [To unsubscribe, send mail to majordomo@lists.gnac.net with "unsubscribe firewalls" in the body of the message.]