How do you test your router/firewall for security?
Jason Stephenson
jason at sigio.com
Fri Aug 8 22:42:38 EDT 2003
Pretty much what everyone else has said so far makes good sense to me.
To paraphrase:
1) Do an nmap from outside your firewall to see what's open.
2) Even with dialup, you still need some kind of network protection.
(After all, PPP actually puts your machine on the 'net with its own,
albeit temporary, IP address.)
3) You can always run another machine behind the firewall as a bridge to
add another layer of "security." (This gives you a sort of pseudo-DMZ,
but I'm not really fond of this approach, myself).
As an alternative to a commercial router, you could always use an old
(cheap) PC with Linux or some other free OS as a firewall/router. I'm
currently using a white box 300 MHz AMD K6 machine with 2 NICs. Prior to
that, I used a Pentium 100 for about 4 years as my DSL router/firewall.
It doesn't really take much processor power to route packets from one
NIC to another and to drop packets based on certain criteria. I use
OpenBSD as the OS on this router.
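
Added example (not part of the original post): one way to act on point 1 is to save an outside-in nmap scan of your own firewall in grepable format (nmap's -oG option) and compare what is open against what you meant to expose. The scan text, the address 192.0.2.10 and the EXPECTED_OPEN set are constructed for illustration.

```python
# Added example: audit an nmap grepable (-oG) scan of your own firewall
# against the ports you intend to expose. All sample data is constructed.
import re

# Constructed sample of `nmap -oG -` output for a documentation address.
SAMPLE_SCAN = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, 80/filtered/tcp//http///, 443/open/tcp//https///\tIgnored State: closed (996)
# Nmap done
"""

# Assumption: the only services this firewall is meant to expose.
EXPECTED_OPEN = {(22, "tcp"), (443, "tcp")}


def parse_open_ports(grepable_text):
    """Return {host: set((port, proto))} for ports nmap reported as open."""
    result = {}
    for line in grepable_text.splitlines():
        if line.startswith("#") or "Ports:" not in line:
            continue
        host_match = re.match(r"Host:\s+(\S+)", line)
        if not host_match:
            continue
        # Fields are tab-separated; the one starting "Ports:" holds the list.
        fields = line.split("\t")
        ports_field = next((f for f in fields if f.startswith("Ports:")), "")
        open_ports = result.setdefault(host_match.group(1), set())
        for entry in ports_field[len("Ports:"):].split(","):
            parts = entry.strip().split("/")
            # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
            if len(parts) >= 3 and parts[1] == "open":
                open_ports.add((int(parts[0]), parts[2]))
    return result


def audit(grepable_text, expected):
    """Return {host: (unexpected_open, expected_but_not_open)}."""
    report = {}
    for host, found in parse_open_ports(grepable_text).items():
        report[host] = (sorted(found - expected), sorted(expected - found))
    return report


if __name__ == "__main__":
    for host, (extra, missing) in audit(SAMPLE_SCAN, EXPECTED_OPEN).items():
        print(host, "unexpected open:", extra, "expected but not open:", missing)
```

Ports reported as filtered are not counted as open here; only the "open" state is treated as exposure.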