Linux Firewall Distro

frozenEyes

hi guys,

i am looking for linux firewall distribution to deploy at a branch office to connect directly to our HQ site as a VPN Site to Site connection which has fortigate FW, i have seen Endian Firewall and pfSense. what do you suggest?

EV42TMAN

I've used ClearOS in the past and its pretty good.

MrAgent

How about m0n0wall? Its BSD based, but Ive heard lots of good things about it.

jm0202

I asked kind of a similar question a few days ago...
i think pfsensor is a good alternative

frozenEyes

have you seen this exploit for pfsense? and how bad is it ?

1337day Inj3ct0r Exploit Database : vulnerability : 0day : shellcode by Inj3ct0r Team

jm0202

This is a vulnerable ONLY if snort is installed with pfsense "Snort Package for pfSense /snort/snort_log_view.php logfile Parameter Remote Path Traversal File Access"
It has been reported that this issue has been fixed. Upgrade to version 3.0.3 or higher to address this vulnerability<-- the fix is migrate to V3

Cert Poor

I discovered pfSense last fall and have been using it for home use (to give my home environment more enterprise features as well as a good learning experience) and I'm absolutely thrilled with the User Interface, available packages, and highly active community/forums. The development team is superb too. There, there's my bias. It's FreeBSD based so uses the BSD pf firewall instead of Linux's. IPsec and OpenVPN capabilities out of the box for a quick site-to-site VPN deployment. I believe it's a fork of m0n0wall so the interface resembles the older one. Definitely comes across to me as an "enterprise-ready" open source firewall distro that's an easy choice for SOHO and enterprises.

There's my pitch. No commercial interest -- just a satisfied n00b/home user.