Let me address the last paragraph first by stating I've been running Linux
for 9 years now. I prefer Linux over the BSD variants hands down.
HOWEVER, there is no way I'm going to use Linux for a Firewall, and I'd even
think twice before using it as a server. OpenBSD has now gone over three
years without a remotely exploitable hole, when using the default install.
The entire reason for OpenBSD's existence is security. My OS of choice for
running a firewall would be OpenVMS, however, since the software to do
firewall and NAT doesn't really exist for OpenVMS, I run OpenBSD.
If you have enough machines around, do a default install of whatever Linux
distro you were thinking of on one, and OpenBSD on another. Then run some
tools for checking for vulnerabilities against the two. You just might find
the results disturbing.
Zane
Agreed...
I'd actually consider FreeBSD or NetBSD for firewall duty.
The only Linux I'd consider for a firewall is a distribution I'd
roll myself. (Building every utility and control file manually)...
I'm considering building a Linux variant that has a BSD style build
environment and less of the lovely autoconf built GNU stuff.
...and no RPMs.
--Bill
Bill
--
bpechter(a)monmouth.com | FreeBSD since 1.0.2, Linux since 0.99.10
| Unix Sys Admin since Sys V/BSD 4.2
| Windows System Administration: "Magical Misery Tour"