Author Topic: Software Firewall Solutions?  (Read 2929 times)


Offline Newby

Software Firewall Solutions?
« on: April 12, 2006, 03:24:00 pm »
I'm currently deciding between pf, ipfw, and ipf (all in FreeBSD), and wonder from those who have experience with any (preferably with all of them) which is the most powerful and secure. I don't care about simplicity; I'm relatively smart and can figure out syntax.

I am leaning towards pf (I have been playing around with a ruleset for a desktop computer, and it's pretty awesome so far; haven't had a problem yet), but the handbook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html) states the author likes another one because it is more simple.

Thoughts on them?

My network will look something like the example one in the pf handbook (internet ---> cable box ---> ext_if=MYBOX=int_if ---> HUB/SWITCH ---> box1/box2/box3) so eh?
« Last Edit: April 12, 2006, 03:27:24 pm by Newby »
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

I'd bet that you're currently bloated like a water balloon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Offline iago

Re: Software Firewall Solutions?
« Reply #1 on: April 12, 2006, 04:51:35 pm »
This isn't a totally useful answer, but that's ok. 

In terms of security, I'd gamble that they're all even. Usability is the more important measure, because complex interfaces often lead to human error which causes insecurity. But, if used properly, they're just as secure. Probably.

It might be an idea to run snort on there, too.  Snort can detect or, if you want, block attacks based on signatures.  It's also useful to find out who's using MSN Messenger, Battle.net, and other stuff. :)

Offline Newby

Re: Software Firewall Solutions?
« Reply #2 on: April 12, 2006, 05:12:33 pm »
I plan on running snort along with a packet sniffing tool (on the LAN interface) and a few other neat gizmos on it.

I'll probably end up going with pf, seeing as how it's also part of OpenBSD, which aims to be the most secure OS (out-of-the-box). Looking at the rulesets, they all seem to offer the same features and such...

Lord, care to comment? I know you run a firewall/gateway/router box.

Offline Eric

Re: Software Firewall Solutions?
« Reply #3 on: April 12, 2006, 10:12:23 pm »
It depends. If you intend on sticking with FreeBSD then I'd say use ipf simply because it's designed specifically for use on FreeBSD systems and unlike ipfw, it uses ALTQ instead of DummyNet for bandwidth shaping. pf is nothing more than a port on FreeBSD and that could lead to problems if security holes or other conflicts were discovered where patch time would be of priority. ipf was based almost entirely off of OpenBSD's pf so the syntax and functionality is similar. You wouldn't be missing out by not using pf.
« Last Edit: April 12, 2006, 10:20:28 pm by Lord[nK] »

Offline Newby

Re: Software Firewall Solutions?
« Reply #4 on: April 12, 2006, 10:36:46 pm »
Well, OpenBSD 3.9 comes out on 05/01/06 so I may end up switching to OpenBSD when it comes out just because I wanna use pf.

I'll give ipf a try. I guess I'll see whether or not I like it. :)
« Last Edit: April 12, 2006, 10:41:19 pm by Newby »