[ale] best FIREWALL product for a home LAN ?

Michael B. Trausch mike at trausch.us
Mon Jan 28 20:20:04 EST 2008


On Mon, 2008-01-28 at 19:33 -0500, Courtney Thomas wrote:
> Just finished Bruce Schneier's book Secrets and Lies which inspired me
> to try to implement a suitable firewall for my home lan which has a
> variety of machines, MS, FreeBSD, Linux, Apple, etc..

For a home network, the best option is a NAT with nothing port-forwarded
or DMZ'd.  Unless you need something special, that's the best way to go.
Also just make sure that the external (from the WAN side) management
interface is disabled.

That can be accomplished through any commodity routing device.

I use iptables on my network, with my network server holding a few
Internet-exposed ports and everything else dropped.  Also currently
dropping packets from several places abroad (got sick of the SSH
attacks).

	--- Mike

-- 
Michael B. Trausch                                   mike at trausch.us
home: 404-592-5746, 1                                 www.trausch.us
cell: 678-522-7934                       im: mike at trausch.us, jabber
Ubuntu Unofficial Backports Project:    http://backports.trausch.us/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part




More information about the Ale mailing list