>Hi Jerry,
>
>I understand what you're saying but I'm from the school of thought that demands a dedicated hardware firewall between the Internet and my private network. This doesn't mean that there's a mis-match between different distros : One is a product
based on a particular distro, the other is your chosen distro set up and configured to your own taste/requirements.
I'm with you on using a box as a dedicated firewall. I've done it both ways, and the setups and security measures were identical. That the firewall was also serving as a workstation didn't affect security, as my port scans and probes verified. The biggest advantage with a dedicated box is that x-windows doesn't have to run, so no CPU cycles or memory are wasted running that layer, and so one can use an older box, even a 486, because the internet is the bottle neck.
What I am saying is that with a single boxed distro, say MDK 8.2, I can setup a dedicated box as a firewall having all the bells & whistles of security, and setup up my workstations with the same box set. Updating becomes easier because I have to go to only one site to get the latest security patches and app updates.
>
>I imagine that the preferred solution will also depend on available resources. I am fortunate to have no shortage of hardware so my firewall is a spare box that I have no other use for.
>
>
>Regards,
>
>Liam
>
>
>
>>
>>Liam,
>>Most Linux distros (at least RH, Mandrake and SuSE) have options for creating firewalls and/or proxy servers which fullfil all the conditions you mention. And, since it would be the same software that the workstation / desktop is setup with there doesn't have to be a mix-match between two different distros in the same network.
>>JLK
>>
>>
Nebraska Dept of Revenue