Member
I currently have a IPCop server which works well but I see if I can not change it through a router/firewall that would do the same thing.
What do you think? What does exactly this kind of material? -> Open/close ports, functions, IDS/IPS, list hosts ... ? What "system" does this kind of material? -> Linux, proprietary systems ... ? Is this as reliable/stable/safe as IPCop?
If I change, I would not put too much. I saw this model but if you have any ...
Member
Why change?What do you think?
Variable. Some that ipcop make more, some less.What does exactly this kind of material? -> Open/close ports, functions, IDS/IPS, list hosts ... ?
Believe that your safety depends on your firewall is a mistake. We can not address the issue from this angle.Is this as reliable/stable/safe as IPCop?
However I remove products without hesitation to do anything not too expensive, little-tested, designed quickly, never been patched to take the time to a "Marketing season" and disappear rays 6 to 12 months later.
Now if it comes to the Internet at home the stakes are low, so why not. But no more.
Member
IPCOP is profoundly different from a simple router/firewall as it is indicated. For example, I have an old WRT54G which boasts a SPI firewall.
From the moment a router on one side has a public IP address and another address, he made one of the basic tasks of a firewall, the address translation.
But IPCOP is a system that will be mounted on either a PC board is standard. It is also a system of variable geometry: one can add addons to perform specific screening or for more information on the operation. (And BOT addon is a totally indispensable!)
On safety, it is evident, as highlighted earlier, that it depends only slightly firewall but rather in the pattern established by the user. BOT as a tool that allows to specify the permitted flows exit has no equivalent in a router/firewall as it is indicated.
In the balance, it may indicate to the advantage of such a router energy and ease to maintain function in relation to a conventional PC. But the possibilities are sufficiently different to make the right choice with regard to its needs (this is how we made a choice: it describes needs).
Member
Because my IPCop is in my living room and as an "old" PC, there is always background noise (fan, hard drive). Therefore, it is a little annoying in the long term. The addition would make for annoying cables.Why change?
Clearly this is not the firewall but it's still a brick from the local security (or in this case, why bother to install one)Believe that your safety depends on your firewall is a mistake
Quite the useNow if it comes to the Internet at home the stakes are low, so why not. But no more.
I installed BOT because I just read that it was essential. For against, I was faced with some constraints (not being able to block a port according to a specific Windows program) and therefore I had to remove it and keep a local firewall. On my IPCop, I just snort and urlfilter.BOT as a tool that allows to specify the permitted flows exit has no equivalent in a router/firewall as that shown
Member
Blocking a port according to a Windows program? This is neither possible on IPCOP nor on a router/firewall! This can be possible only locally on the station (unfortunately the XP firewall does not know how to do). This has no relation to BOT!
Moreover, blocking a port based on a Windows program has little meaning.
For example, it would block IE but not Firefox? What matters here is the protocol used and whether it should be allowed or not!
The only way to watch it, is to consider a program uses a protocol. And just choose what you do with them.
Snort is usually unnecessary when you know so few protocols that can not be whether a warning has meaning.
Posting Permissions
Reply With Quote
Bookmarks