Hardware router/firewall or an old Pentium

I have a small LAN of around 5 boxes, with a DMZ for an IRC/mail server. I'm
wondering whether to use a hardware router/firewall, or use an old Pentium
and Linux to handle that. I could do with knowing the pros and cons, but
after looking everywhere I'm just more frustrated.

Any advice would be very appreciated!

Thanks,

---
-jamie <jps at silverdream dot org>
e: jps at silverdream dot org
w: www.silverdream.org
support free-speech / www.eff.org/br
Remove -NOSPAM from address before replying

Jamie Penman-Smithson wrote:

> I have a small LAN of around 5 boxes, with a DMZ for an IRC/mail server.
> I'm wondering whether to use a hardware router/firewall, or use an old
> Pentium and Linux to handle that. I could do with knowing the pros and
> cons, but after looking everywhere I'm just more frustrated.
>
> Any advice would be very appreciated!
>

If you want a basic NAT firewall, those commercial boxes are fine. If you
want flexibility, a Linux system may be a better choice.

--

Fundamentalism is fundamentally wrong.

To reply to this message, replace everything to the left of "@" with
james.knott.

In article <bgf5uv$70k$(E-Mail Removed)>,
Jamie Penman-Smithson wrote:
> I have a small LAN of around 5 boxes, with a DMZ for an IRC/mail server. I'm
> wondering whether to use a hardware router/firewall, or use an old Pentium
> and Linux to handle that. I could do with knowing the pros and cons, but

First off, "hardware firewall" is a misnomer. Maybe you know that, but
still I never let the term pass by unchallenged. Those little boxes are
embedded computing devices. Some even run Linux, from what I've heard!

Router Pros Cons
EASY! Fast and supported. Less control
Quiet Will the company fix exploits?
Built-in switch usually
Affordable

Linux Pros Cons
Control, security More learning required
More learning opportunity Might take time to set up
Can be built with throwaways

That's all I can think of right now; I'm sure others will have more in
all four columns.

I can tell you what I do: I use an old Linux box as the firewall. I
actually have a router, a D-Link WAP, *behind* the firewall. But I want
the control, and I've already done most of the learning. Even so, to
be honest, it probably took me more time than a commercial router would
have taken.

Either one, once set up, is going to be reasonably secure for a home
connection, but DO NOT neglect to sign up for the security mailing list
(router manufacturer or Linux distro as appropriate), and TAKE ACTION
when and how advised to do so. Script kiddies by the thousands are
standing by now, waiting for the news of a new exploit, and they'll be
taking action whether or not you do.

Bottom line depends on you. If you want to learn all this, go for Linux.
If time is money and you need to get up and running yesterday, choose a
router. Consider the other factors against your needs and level of
learning. HTH, enjoy.
--
/dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
or put "not-spam" or "/dev/rob0" in Subject header to reply

Thanks alot for the advice, in the end I decided to go for the Linux option,
since it seemed the more 'fun' option.

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Jamie <jps at silverdream dot org> ()
w: www.silverdream.org /\
---------------------------------------------
Support the Blue Ribbon Campaign for free
speech online: http://www.eff.org/br
Take back the Net! http://www.anti-dmca.org
---------------------------------------------