Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
12-04-2006, 01:25 PM
|
#16
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
@ gracon52
hi, i was just wondering what you have planned to do about data (not network) security and stuff... you will be encrypting the traffic between your remote locations, right (VPN, SSL, etc)??
BTW, i do agree with chort in that a commercial solution is many times a better option than DIY... of course it all depends on one's abilities and the boss's needs and stuff - and in the end you weigh the pros and cons of each option and make an objective decision...
that said, setting-up some NAT iptables/netfilter firewalls is pretty straight-forward stuff, and anyone with half-decent iptables/netfilter experience can tackle it... not sure how much experience you have with these things (although you did mention you have linux geeks in da house so maybe it doesn't even matter)...
Last edited by win32sux; 12-04-2006 at 03:57 PM.
|
|
|
12-05-2006, 04:29 AM
|
#17
|
Member
Registered: Oct 2006
Location: High Wycombe, Bucks, UK.
Distribution: Debian and Fedora Core in equal measure
Posts: 264
Rep:
|
Ah Whatever, I was going to shut up, but this is a fertile discussion. Chort, you clearly know the subject and equally clearly have a view which I would be foolish to disregard. In many ways, I agree with what you are saying. I'm going to be picky here for a couple of lines: If the guy is posting to LQ, he has got his head round the Free Software idea, and the mere fact that he asks whether he should buy "tailor-made" or roll his own indicates to me that he has either the personal capacity to do the job, or some good folk behind him who can. Also, I assume he is talking "Institutions" as in "Academic", and at least here in the UK, that means "strapped for cash". Under those circumstances, I would sooner have him grow a very precisely built device which does what he wants for the budget he has, rather than buy a commercial box that, because of budgetary constraints, is not quite the solution, but "near enough", and continues to be a drain on his resources while not really being right.
From a completely different perspective, most, if not all of the software that is currently available in Open Source owes its generation to those of us who you sort-of label as "hobbyists" (you wrote "If you want a fun hobby for the weekend, build your own netfilter firewall ....If you want to protect something of value, buy the firewall."). That is to a great extent a fair criticism, but without the barnstormers, like the folk who stared Cisco, there would BE no product to commercialise and support professionally, etc etc.
The reason we are having this discussion, I think, is because you take the "sound commercial" line, I take the "Open Source Barnstormer" view, and what Gracon52 is asking falls very neatly between the two platforms. We may never agree, but I appreciate the reasons for your point of view, which is difficult to dismiss
|
|
|
All times are GMT -5. The time now is 06:58 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|