Solved

Open Source FW recommendation

Posted on 2004-10-14
4
189 Views
Last Modified: 2010-04-09
Hi,

I am looking for an open source FW with IDS support built in. Will be installed on a Solaris 9 machine. Would be nice to have the options to add other modules (load balancing for example)- but not a must. The main criterion is that it should be recommended by actual users for-
1. Performance and reliability.
2. Ease if use.


Thank you
0
Comment
Question by:bobwood2000
  • 2
  • 2
4 Comments
 
LVL 23

Accepted Solution

by:
Tim Holman earned 270 total points
ID: 12306579
iptables and snort.
0
 

Author Comment

by:bobwood2000
ID: 12310631
Are there any features that iptables does not have, which would be helpful for protecting a popular web server?
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 12311109
Not really.  I would also take a look at Smoothwall:

http://www.smoothwall.org/

It's more like an iptables 'GUI'.

To protect a web server, you need a firewall that blocks everything bar port 80, and statefully inspects the port 80 session.  ALL firewalls do this.

To extend your depth of protection, you'll need to add patch management, anti-virus and host IPS to ensure your web server remains protected.

For free, your enterprise options are limited.  You usually need to pay for stuff like load balancing.
0
 

Author Comment

by:bobwood2000
ID: 12344324
Problem solved. Thanks.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Watchguard test environment ? 3 71
*STABLE* and free Linux Firewall distribution 6 87
I am not sure how to read what this IP tables statement means 2 119
DDOS against DYN 9 128
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question