* Linksys v. Netfilter
@ 2002-06-22 18:04 David B. Bitton
2002-06-22 20:27 ` Sascha Reissner
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: David B. Bitton @ 2002-06-22 18:04 UTC (permalink / raw)
To: netfilter
Have any whitepapers been written on the subject of a Linksys Router v. a
Netfilter implementation?
--
David B. Bitton
david@codenoevil.com
www.codenoevil.com
Code Made Fresh DailyT
^ permalink raw reply [flat|nested] 8+ messages in thread* Re: Linksys v. Netfilter 2002-06-22 18:04 Linksys v. Netfilter David B. Bitton @ 2002-06-22 20:27 ` Sascha Reissner 2002-06-22 20:57 ` Stewart Thompson 2002-06-24 15:46 ` Rowan Reid 2 siblings, 0 replies; 8+ messages in thread From: Sascha Reissner @ 2002-06-22 20:27 UTC (permalink / raw) To: David B. Bitton, netfilter From: "David B. Bitton" <david@codenoevil.com> > Have any whitepapers been written on the subject of a Linksys Router v. a > Netfilter implementation? let us magically guess your question and call the random answer generator.. uhm.. ^ permalink raw reply [flat|nested] 8+ messages in thread
* RE: Linksys v. Netfilter 2002-06-22 18:04 Linksys v. Netfilter David B. Bitton 2002-06-22 20:27 ` Sascha Reissner @ 2002-06-22 20:57 ` Stewart Thompson 2002-06-22 22:18 ` Brian 2002-06-23 0:37 ` Brent Deterding 2002-06-24 15:46 ` Rowan Reid 2 siblings, 2 replies; 8+ messages in thread From: Stewart Thompson @ 2002-06-22 20:57 UTC (permalink / raw) To: David B. Bitton, netfilter Hmmm. I don't know, but I would think it would be like comparing apples to oranges. I have, and continue to use both. The Linksys is quick and easy to set up, and can be looked after by someone with a reasonable amount of knowledge. It is great for small offices and homes where there are only a few computers and they have simple needs. It does have some problems with related connections, so I am not sure if it is truly stateful. However, I would never consider it for a serious application like protecting a Corporate LAN. With Netfilter you can write a rule to cover every situation. To allow or block specific ports and ip's on a case by case basis. There are still a few areas that helper modules are being developed for, but there is a core of real dedicated guys working on it. One of the things I really like about Netfilter is the logging ability. I can set up rules to log all kinds of information, and real time data. There are also a number of other programs that allow traffic shaping, routing, and limiting. This kind of stuff just isn't possible wit the Linksys. Yes it is more work to set up, and a little more capital outlay in Equipment. However, I think the results are well worth the investment. Just my two cents worth. Stu........... -----Original Message----- From: netfilter-admin@lists.samba.org [mailto:netfilter-admin@lists.samba.org]On Behalf Of David B. Bitton Sent: June 22, 2002 11:05 AM To: netfilter@lists.samba.org Subject: Linksys v. Netfilter Have any whitepapers been written on the subject of a Linksys Router v. a Netfilter implementation? -- David B. Bitton david@codenoevil.com www.codenoevil.com Code Made Fresh DailyT ^ permalink raw reply [flat|nested] 8+ messages in thread
* RE: Linksys v. Netfilter 2002-06-22 20:57 ` Stewart Thompson @ 2002-06-22 22:18 ` Brian 2002-06-23 0:37 ` Brent Deterding 1 sibling, 0 replies; 8+ messages in thread From: Brian @ 2002-06-22 22:18 UTC (permalink / raw) To: stewart.thompson, David B. Bitton, netfilter If you want something like that buy the snapgear lite for about 300.00 US, it has a Linux kernel , iptables (Stateful firewall), traffic shapping, IPSec, and Mircosoft pptp client and server... and much more.. www.snapgear.com -----Original Message----- From: netfilter-admin@lists.samba.org [mailto:netfilter-admin@lists.samba.org]On Behalf Of Stewart Thompson Sent: Saturday, June 22, 2002 4:57 PM To: David B. Bitton; netfilter@lists.samba.org Subject: RE: Linksys v. Netfilter Hmmm. I don't know, but I would think it would be like comparing apples to oranges. I have, and continue to use both. The Linksys is quick and easy to set up, and can be looked after by someone with a reasonable amount of knowledge. It is great for small offices and homes where there are only a few computers and they have simple needs. It does have some problems with related connections, so I am not sure if it is truly stateful. However, I would never consider it for a serious application like protecting a Corporate LAN. With Netfilter you can write a rule to cover every situation. To allow or block specific ports and ip's on a case by case basis. There are still a few areas that helper modules are being developed for, but there is a core of real dedicated guys working on it. One of the things I really like about Netfilter is the logging ability. I can set up rules to log all kinds of information, and real time data. There are also a number of other programs that allow traffic shaping, routing, and limiting. This kind of stuff just isn't possible wit the Linksys. Yes it is more work to set up, and a little more capital outlay in Equipment. However, I think the results are well worth the investment. Just my two cents worth. Stu........... -----Original Message----- From: netfilter-admin@lists.samba.org [mailto:netfilter-admin@lists.samba.org]On Behalf Of David B. Bitton Sent: June 22, 2002 11:05 AM To: netfilter@lists.samba.org Subject: Linksys v. Netfilter Have any whitepapers been written on the subject of a Linksys Router v. a Netfilter implementation? -- David B. Bitton david@codenoevil.com www.codenoevil.com Code Made Fresh DailyT ^ permalink raw reply [flat|nested] 8+ messages in thread
* RE: Linksys v. Netfilter 2002-06-22 20:57 ` Stewart Thompson 2002-06-22 22:18 ` Brian @ 2002-06-23 0:37 ` Brent Deterding 1 sibling, 0 replies; 8+ messages in thread From: Brent Deterding @ 2002-06-23 0:37 UTC (permalink / raw) To: stewart.thompson, David B. Bitton, netfilter Correct me if I'm wrong - but we are talking about LinkSys Cable/Router things, right? The same devices that allow anything out? Although people tend to forget it - a firewall is there to control traffic inbound AND outbound. If it isn't controlling it outbound then what's the difference between a netfilter box and a simple NAT-only solution? Everything out, nothing in. -- Brent Deterding -----Original Message----- From: netfilter-admin@lists.samba.org [mailto:netfilter-admin@lists.samba.org]On Behalf Of Stewart Thompson Sent: Saturday, June 22, 2002 3:57 PM To: David B. Bitton; netfilter@lists.samba.org Subject: RE: Linksys v. Netfilter Hmmm. I don't know, but I would think it would be like comparing apples to oranges. I have, and continue to use both. The Linksys is quick and easy to set up, and can be looked after by someone with a reasonable amount of knowledge. It is great for small offices and homes where there are only a few computers and they have simple needs. It does have some problems with related connections, so I am not sure if it is truly stateful. However, I would never consider it for a serious application like protecting a Corporate LAN. With Netfilter you can write a rule to cover every situation. To allow or block specific ports and ip's on a case by case basis. There are still a few areas that helper modules are being developed for, but there is a core of real dedicated guys working on it. One of the things I really like about Netfilter is the logging ability. I can set up rules to log all kinds of information, and real time data. There are also a number of other programs that allow traffic shaping, routing, and limiting. This kind of stuff just isn't possible wit the Linksys. Yes it is more work to set up, and a little more capital outlay in Equipment. However, I think the results are well worth the investment. Just my two cents worth. Stu........... -----Original Message----- From: netfilter-admin@lists.samba.org [mailto:netfilter-admin@lists.samba.org]On Behalf Of David B. Bitton Sent: June 22, 2002 11:05 AM To: netfilter@lists.samba.org Subject: Linksys v. Netfilter Have any whitepapers been written on the subject of a Linksys Router v. a Netfilter implementation? -- David B. Bitton david@codenoevil.com www.codenoevil.com Code Made Fresh DailyT ^ permalink raw reply [flat|nested] 8+ messages in thread
* RE: Linksys v. Netfilter 2002-06-22 18:04 Linksys v. Netfilter David B. Bitton 2002-06-22 20:27 ` Sascha Reissner 2002-06-22 20:57 ` Stewart Thompson @ 2002-06-24 15:46 ` Rowan Reid 2 siblings, 0 replies; 8+ messages in thread From: Rowan Reid @ 2002-06-24 15:46 UTC (permalink / raw) To: 'David B. Bitton', netfilter >Have any whitepapers been written on the subject of a Linksys Router v. a Netfilter implementation? I had a client answer this one for me. Prior he had been using a barracade router. Then they set up a second office and wanted 1.) vpn 2.) intranet 3.) client control and monitoring over everything. Thus the firewall in a box option went out.. First they were using there own T1 with permanent IP's thus needing reasonable security. Second after sitting in the support queue for an hour to here a tech say I don’t know if we support pptp. Then here a supervisor say the same even though the claim is right there on their site. Then I decided to go for the linux option that is very flexible completely configurable. And has excellent remote comfit options. ^ permalink raw reply [flat|nested] 8+ messages in thread
[parent not found: <OMELINNHIGOCHFNAFPEKOELBCAAA.blanda@mnsi.net>]
* Re: Linksys v. Netfilter [not found] <OMELINNHIGOCHFNAFPEKOELBCAAA.blanda@mnsi.net> @ 2002-06-22 18:27 ` David B. Bitton 2002-06-22 18:34 ` Antony Stone 0 siblings, 1 reply; 8+ messages in thread From: David B. Bitton @ 2002-06-22 18:27 UTC (permalink / raw) To: Brian; +Cc: netfilter or anything. i'm using a netfilter firewall/nat, and I'm now wondering why. -- David B. Bitton david@codenoevil.com www.codenoevil.com Code Made Fresh DailyT ----- Original Message ----- From: "Brian" <blanda@mnsi.net> To: "David B. Bitton" <david@codenoevil.com> Sent: Saturday, June 22, 2002 2:24 PM Subject: RE: Linksys v. Netfilter > You mean how linksys uses statful firewalling? > > -----Original Message----- > From: netfilter-admin@lists.samba.org > [mailto:netfilter-admin@lists.samba.org]On Behalf Of David B. Bitton > Sent: Saturday, June 22, 2002 2:05 PM > To: netfilter@lists.samba.org > Subject: Linksys v. Netfilter > > > Have any whitepapers been written on the subject of a Linksys Router v. a > Netfilter implementation? > -- > > David B. Bitton > david@codenoevil.com > www.codenoevil.com > > Code Made Fresh DailyT > > > ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Linksys v. Netfilter 2002-06-22 18:27 ` David B. Bitton @ 2002-06-22 18:34 ` Antony Stone 0 siblings, 0 replies; 8+ messages in thread From: Antony Stone @ 2002-06-22 18:34 UTC (permalink / raw) To: netfilter On Saturday 22 June 2002 7:27 pm, David B. Bitton wrote: > or anything. i'm using a netfilter firewall/nat, and I'm now wondering > why. You mean you're thinking it's maybe not such a good firewall, or you're having to justify it to someone else, or what ? What's the specific interest in the Linksys ? Antony. ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2002-06-24 15:46 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-06-22 18:04 Linksys v. Netfilter David B. Bitton
2002-06-22 20:27 ` Sascha Reissner
2002-06-22 20:57 ` Stewart Thompson
2002-06-22 22:18 ` Brian
2002-06-23 0:37 ` Brent Deterding
2002-06-24 15:46 ` Rowan Reid
[not found] <OMELINNHIGOCHFNAFPEKOELBCAAA.blanda@mnsi.net>
2002-06-22 18:27 ` David B. Bitton
2002-06-22 18:34 ` Antony Stone
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.