On 05/07/07, Samuel Penn <sam@???> wrote:
> On Thursday 05 July 2007 08:05, Philip Stubbs wrote:
> > I always thought that it was not a good idea to have the firewall on
> > the same machine as your other services.
> [...]
> > Personally, I would probably take the risk to avoid having to run
> > extra machines.
>
> This is what I do, for that reason. However, I do try to ensure
> that what is running on the firewall is minimal, and some stuff
> gets farmed off onto virtual machines.
I've generally in the past gone along with the IPCop philosophy of
having the firewall box provide as little as possible. So my main aim
was to source a unit that does the NAT+firewall business, and then it
just Seemed Like A Good Idea to combine the WAP function. When I saw
this box which includes a big chunk of NAS storage that was appealing
(I still haven't managed to get Samba + USB disk working as a
networked backup for wife's Windows box) but I take the point that
there could be risks in having storage on the internet-facing system.
That said, this unit does seem to include quite reasonable firewalling
capabilities (consistent with what Sean suggested). And as it's a
(embedded) Linux system with ssh it should be possible to get a decent
level of control on it.
Anyways I've gone ahead and ordered one! Will let people know how it gets on.
So is anyone interested in taking over a vintage Dell box with a 14"
Olivetti (*very* non-flat screen) monitor? B-)
>
> --
> Be seeing you, http://www.glendale.org.uk
> Sam. Mail/IM (Jabber): sam@???
>
> --
> Please post to: Hampshire@???
> Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
> LUG URL: http://www.hantslug.org.uk
> --------------------------------------------------------------
>
--
regards,
Victor Churchill, Qonnectis
