Linux Firewall Distro
frozenEyes
Member Posts: 18 ■■■□□□□□□□
hi guys,
i am looking for linux firewall distribution to deploy at a branch office to connect directly to our HQ site as a VPN Site to Site connection which has fortigate FW, i have seen Endian Firewall and pfSense. what do you suggest?
i am looking for linux firewall distribution to deploy at a branch office to connect directly to our HQ site as a VPN Site to Site connection which has fortigate FW, i have seen Endian Firewall and pfSense. what do you suggest?
Comments
-
EV42TMAN Member Posts: 256I've used ClearOS in the past and its pretty good.Current Certification Exam: ???
Future Certifications: CCNP Route Switch, CCNA Datacenter, random vendor training. -
MrAgent Member Posts: 1,310 ■■■■■■■■□□How about m0n0wall? Its BSD based, but Ive heard lots of good things about it.
-
jm0202 Member Posts: 87 ■■□□□□□□□□I asked kind of a similar question a few days ago...
i think pfsensor is a good alternative -
frozenEyes Member Posts: 18 ■■■□□□□□□□have you seen this exploit for pfsense? and how bad is it ?
1337day Inj3ct0r Exploit Database : vulnerability : 0day : shellcode by Inj3ct0r Team -
jm0202 Member Posts: 87 ■■□□□□□□□□This is a vulnerable ONLY if snort is installed with pfsense "Snort Package for pfSense /snort/snort_log_view.php logfile Parameter Remote Path Traversal File Access"
It has been reported that this issue has been fixed. Upgrade to version 3.0.3 or higher to address this vulnerability<-- the fix is migrate to V3 -
Cert Poor Member Posts: 240 ■■■□□□□□□□I discovered pfSense last fall and have been using it for home use (to give my home environment more enterprise features as well as a good learning experience) and I'm absolutely thrilled with the User Interface, available packages, and highly active community/forums. The development team is superb too. There, there's my bias. It's FreeBSD based so uses the BSD pf firewall instead of Linux's. IPsec and OpenVPN capabilities out of the box for a quick site-to-site VPN deployment. I believe it's a fork of m0n0wall so the interface resembles the older one. Definitely comes across to me as an "enterprise-ready" open source firewall distro that's an easy choice for SOHO and enterprises.
There's my pitch. No commercial interest -- just a satisfied n00b/home user.In progress: MTA: Database Fundamentals (98-364)
Next up: CompTIA Cloud Essentials+ (CLO-002) or LPI Linux Essentials (010-160)
Earned: CompTIA A+, Net+, Sec+, Server+, Proj+
ITIL-F v3 2011 | ServiceNow CSA, CAD, CIS | CWNP CWTS