
A thought about security...



Stu
12-21-99, 12:17 PM
Not to get down on Windoze or anything, seeing how about 99% of the people in here are using it as at least their primary OS, but I would think if you're serious about security you would choose a better OS that has security tools built in, and add/use a physical firewall.

For instance, I run Red Hat 6.1 Pro on my workstation, and dusted off my old P200 w/ 128 RAM and installed OpenBSD on it, and use it as a physical/dedicated firewall. I still run ipchains on the Red Hat box though, because I'm paranoid like that. I'm also running a Windoze box on my small home network, because other people in the household need to use MS/Win32-dependent programs and they aren't comfortable using an emulator under Linux (I run WinCenter, because after all MSIE 5 is the better browser--Nutscrape crashes constantly under Linux).

With this setup I haven't had any problems with security whatsoever. I have had quite a few skilled attempts, many of which were from BSD- and Linux-using friends of mine testing my security (which helped me tweak my setup).

From what my logs tell me, I can pretty much see step-by-step what the would-be intruder was/is trying to do to gain access. This is one reason I didn't opt for an NT box as a firewall: their logs are horrible. They give these cryptic "errors" that you practically have to have an MCSE to understand/decipher.

Another reason I didn't choose to run NT was the lack of cross-platform/remote administration tools. If I need to tweak something or allow a service to bypass the firewall in my current system, I have the option of telnetting in and tweaking or allowing it. Whereas, if I were running NT, I would have to go to another box, log in as admin, and make the changes.

But, the end-all factor was cost. To run the same services that are available to me on my current system in NT would cost me upwards of $1000. Whereas my current system only cost about $180 because I got everything on CDs (it would have been $0 if I had downloaded and didn't want the CDs--an Open Source advantage).

I'm not saying that NT isn't good for a firewall or security. It probably is, if you have an MCSE (or the equivalent in experience) and upwards of $1000 to blow on software. What I am saying is that if you have a spare box lying around, collecting dust, you might consider putting it to use as a physical firewall and try out a flavor of Unix on it (because it has less overhead, it will run faster than Windoze on a slow/older box).

After all, if someone beats Black Ice or Conseal on your primary machine, they have access to everything. If they beat your physical firewall, they still have to get into your primary machine (thus, my reason for running ipchains on my workstation), not to mention the sometimes large, sometimes nominal, gain of resources on your primary machine from not using a fairly heavyweight firewall package on your primary box.

[This message has been edited by Stu (edited 12-21-1999).]