Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
It all depends on what you want to protect and the losses you would incur when there is a breach.
You wouldn't want (wht not!) a top of line firewall product to secure your home network.
And you would not settle for a lowcost router-based a dedicated firewall which has fewer features to secure the network of a bank.
Distribution: Fedora Core and Red Hat Enterprise Linux
Posts: 19
Rep:
it depends on what you need
As Ppuru said it depends on what your intented use is.
At home I got a hardware firewall for the whole network, and firewall software installed on every PC.
At work I got a much more expensive setup, but single PCs do no have any firewall software. So it is easier to configure and manage. Besides not all users have Internet access but can only make use of resources available on the intranet, and everyone has to be authenticated against the domain.
Depends what you mean by "hardware firewall". If you mean something like a home-level router, it's really just a software firewall in a nice package.
Only the REALLY high end routers/firewalls actually do the filtering in hardware. Everything else is just specialized firmware (e.g. software).
So for anything but the most critical systems, a software firewall is what you will be using. Of course hardware is "better" all the time, but it is more expensive.
If you mean a dedicated software firewall (e.g. a home router or a spare linux machine) vs a run-on-your-main-machine firewall, I'd build your own from an old machine. If you're here, you probably have the knowledge or the dedication to do it (Smoothwall makes it a piece of cake anyway, 10 min).
I run Smoothwall, and I couldn't be happier. I get great protection (I hardened it a little further than the default), great logs, and easy administration.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.