Hi Jerry,

We've both made a number of valid points and I think we should agree to disagree (but only slightly) on this one.

Regards,

Liam



>>Hi Jerry,
>>
>>I understand what you're saying but I'm from the school of thought that demands a dedicated hardware firewall between the Internet and my private network. This doesn't mean that there's a mis-match between different distros : One is a product based on a particular distro, the other is your chosen distro set up and configured to your own taste/requirements.
>
>I'm with you on using a box as a dedicated firewall. I've done it both ways, and the setups and security measures were identical. That the firewall was also serving as a workstation didn't affect security, as my port scans and probes verified. The biggest advantage with a dedicated box is that x-windows doesn't have to run, so no CPU cycles or memory are wasted running that layer, and so one can use an older box, even a 486, because the internet is the bottle neck.
>
>What I am saying is that with a single boxed distro, say MDK 8.2, I can setup a dedicated box as a firewall having all the bells & whistles of security, and setup up my workstations with the same box set. Updating becomes easier because I have to go to only one site to get the latest security patches and app updates.
>
>>
>>I imagine that the preferred solution will also depend on available resources. I am fortunate to have no shortage of hardware so my firewall is a spare box that I have no other use for.
>>
>>
>>Regards,
>>
>>Liam
>>
>>
>>
>>>
>>>Liam,
>>>Most Linux distros (at least RH, Mandrake and SuSE) have options for creating firewalls and/or proxy servers which fullfil all the conditions you mention. And, since it would be the same software that the workstation / desktop is setup with there doesn't have to be a mix-match between two different distros in the same network.
>>>JLK
>>>
>>>