1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Networks Is Cisco's Pix501 worth the money?

Discussion in 'Hardware' started by psychron, 15 Jan 2002.

  1. psychron

    psychron What's a Dremel?

    Joined:
    15 Jan 2002
    Posts:
    34
    Likes Received:
    0
    I am about to get 2 cisco Pix501's to set up my own D.M.Z. with loose firwall proection on the front end and strict firwall settings on the back end. This way i setup my proxy and webserver. But i keep wondering if i should get firebox' soho firewalls or just go with the Pix501's....any advantages besides the Cisco OS in the PIX?.....
     
  2. psychron

    psychron What's a Dremel?

    Joined:
    15 Jan 2002
    Posts:
    34
    Likes Received:
    0
    lol..anyone anyone bueller bueller....

    Still waiting on feedback....any insight is highly appreciated
     
  3. Forsaken

    Forsaken GameFaction.com

    Joined:
    27 Mar 2001
    Posts:
    673
    Likes Received:
    0
    Cisco kit tends to be top sh*t, but it could be worth checking out smoothwall, tiss a firewall that runs on linux, ask fly(i think) for more info, cos hes actually used it.
     
    Last edited: 16 Jan 2002
  4. psychron

    psychron What's a Dremel?

    Joined:
    15 Jan 2002
    Posts:
    34
    Likes Received:
    0
    Cool

    Thanks Frosaken, I just want to hear about other options outside Cisco..Cisco is great but expensive
     
  5. Tim S

    Tim S OG

    Joined:
    8 Nov 2001
    Posts:
    18,882
    Likes Received:
    87
    I have used smoothwall to great effect, and myself and another mate have added some cool stuff like a honey pot for those hackers looking for treasure... (beware its nasty stuff ;) )

    Very simple installation, and is only a 20mb download or so...

    The downside, you need a system to run that "Dedicated", Im not sure whether you could dual boot it, but it is its own operating system, stripped down to run just what is required... network traffic monitoring, a firewall, an intrusion detection system, and an internet cache :)

    It works on a very simple principle... you have two network cards (or a modem and a network card if you are dialing up) then the cable modem is connected to one network card... this is set as the red network (i.e. the internet) and the other network card is connected to a hub, and out to the green network. This green network is protected from potentially dangerous traffic from the red network. It stops all bad traffic, and also acts as a proxy and dhcp server, so it can automatically assign IP addresses to your home network :)

    The IP for the actual connection to the internet is totally different to its IP on the local network, thus makes it very hard to get into the green network from the red network. This is more than enough security for a home network, you can also use port forwarding, to make nice supprises for internet vandals... such as a honey pot server, like what we have :D

    Basically you can run this server off as little as a p100 with 16mb of ram, (it says you can use less, but from experience a 486 DX2 66 aint enuff if your network is remotely busy for its size ) :)

    hope this helps you

    BiGGiE
     
  6. Phil

    Phil What's a Dremel?

    Joined:
    19 Jul 2001
    Posts:
    1,005
    Likes Received:
    0
    i think if he's considering Cisco product he might know how that stuff works....


    I would offer my advice but I'm afraid i have very little knowledge of firewalls.....

    all I know how to do is tweak ipchains in linux to block certain things....
     
  7. Tim S

    Tim S OG

    Joined:
    8 Nov 2001
    Posts:
    18,882
    Likes Received:
    87
    I was just replying to what Forsaken said... I have had experience of using this piece of software, and I do recommend it :D
     
  8. ChriX

    ChriX ^

    Joined:
    30 Aug 2001
    Posts:
    2,650
    Likes Received:
    4
    I recommend it too :)

    Anyone know where I can get some interesting plugins for it?
     
  9. Phil

    Phil What's a Dremel?

    Joined:
    19 Jul 2001
    Posts:
    1,005
    Likes Received:
    0
    sorry if I didn't understand what you were getting at there....


    I've never used smoothwall...must do sometime.

    only thing I have tried is Freesco - which is a 'Free Cisco Replacement' - and runs off a single 1.44MB floppy disk (hows THAT for a compact OS ?)

    I couldn't get it to work though, but i was using a very strange motherboard with dodgy chipset....
     
  10. psychron

    psychron What's a Dremel?

    Joined:
    15 Jan 2002
    Posts:
    34
    Likes Received:
    0
    I will to get a copy and try it

    Do you know what the latest version is and where I could get a copy....It is its own OS i take it...which means What ever PC I place it on is strictly a Hardware Firewall from then on..right?
     
  11. ChriX

    ChriX ^

    Joined:
    30 Aug 2001
    Posts:
    2,650
    Likes Received:
    4
  12. Fly

    Fly inter arma silent leges

    Joined:
    31 Aug 2001
    Posts:
    3,763
    Likes Received:
    3
    I can recommend smoothie too, it does all it promises reliably and allows maximum configurability. I have it running all the time and have so since august with no downtime. In my case it is running on a silent p133 with a 212MB HDD. Next month I am doing a course on Apache webservers and I plan to run a webserver in a DMZ between two Smoothie Boxes (anyone fancy telling my wife that our spare bedroom will be like a server room????).

    Whats with the Honeypot Biggie? I like that Idea...got any links or more details??? Me fancies certain "friends" might be challenged to hack my box once I get a Honeypot...
     
  13. Tim S

    Tim S OG

    Joined:
    8 Nov 2001
    Posts:
    18,882
    Likes Received:
    87
    Erm, good question, cos its actually a housemates creation :) ... its basically a box that sits on a separate part of the network (currently the one in my house is a 486DX2 66 running linux) so it is out of harms way as such on the green network....

    it is basically an extension of the smoothwall intrusion detection system, and it simulates network traffic on an isolated part of the network :)

    Useful link that my housemate recommended was this one

    hope this helps :)

    BiGGiE
     
  14. herbs

    herbs Nobody but us chickens

    Joined:
    7 May 2001
    Posts:
    3,860
    Likes Received:
    2
    Personally I would use ipcop instead of smoothwall if your on usb adsl, due to known problems with upload speeds on usb adsl with smoothwall. Its a branch of from smoothwall with ppl who decided they wanted to go different way to the smoothwall ppl. I've been using it for about a month and all seems fine. PS you dont have to pay like they want you to do with home and corporate versions of smoothwall.
    Check it out at www.ipcop.org ,and I dont have anything to do with them other than I use the product.
     
    Last edited: 1 Feb 2002
Tags:

Share This Page