Of course, you could always find a ISP that is using the Nortel Shasta box. Great little box with firewall abilities built into it, Checkpoint style. The problem with filtering at the CPE end of the DSL/Cable link is that whatever you throw away, it has already consumed the bandwidth to get it there. Look for more providers to start using it, and for some major announcements to come. You may still want to be sure that your box is secure, in the event that you WANT remote access to your home. -----Original Message----- I've got a Pentium 100 running OpenBSD 2.7, setup with two nics in bridging mode with ipfilter. It required no re-addressing of my existing network and works quite well. I personally like it more than any of the desktop firewalls. I've got a 3Mbps cablemodem (downstream is actually UHF instead of cable plant with an ISDN wired return), and it handles all the traffic with no problem. I'd reccomend this setup over the desktop firewall packages. They generally don't report enough information to effectively track offenses down. With an *BSD or Linux box you get a lot more tools to help you, like tcpdump, ethereal, snort, etc. -- Joseph W. Shaw Sr. Network Security Specialist for Big Company not to be named because I don't speak for them here. I have public opinions, and they don't. On Thu, 2 Nov 2000, J. Gilmore wrote:
I'm looking to beef up security on a home DSL line. Currently I am using ZoneAlarm (the freeware version). I'm thinking of taking an old Pentium 120, and setting that up as a firewall, but wanted to know if anyone else had a better idea.