<div dir="rtl"><div dir="ltr">I'm doing this thing right now. The only issue I worry about is attacks like DDoS.</div><div dir="ltr"><br></div><div dir="ltr">Hetz<br><br><div class="gmail_quote">2010/9/4 Etzion Bar-Noy <span dir="ltr"><<a href="mailto:ezaton@tournament.org.il">ezaton@tournament.org.il</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 .8ex;border-left:1px #ccc solid;border-right:1px #ccc solid;padding-left:1ex;padding-right:1ex">Hi.<div>I am in your shoes. I maintain several Linux systems hosted in Netvision (currently) for the last few years. For the last 7 years or so, I have been using iptables to protect my systems from intrusion. I have been using denyhosts to prevent unauthorized SSH logins, and prevented direct root login, or blocked all/some except my home fixed address and some other well-trusted addresses. </div>
<div><br></div><div>This setup has proven itself to be effective and reliable, with zero intrusions (I stopped logging them after a while, because it's not that interesting, after all. The amount of random port scans are huge). </div>
<div><br></div><div>Assuming you understand iptables, and you know how to handle it right, there is no problem with that solution. None that I have noticed.</div><div><br>Ez<br><br><div class="gmail_quote"><div class="im">
2010/9/3 Hetz Ben Hamo <span dir="ltr"><<a href="mailto:hetzbh@gmail.com" target="_blank">hetzbh@gmail.com</a>></span><br>
</div><blockquote class="gmail_quote" style="margin:0 .8ex;border-left:1px #ccc solid;border-right:1px #ccc solid;padding-left:1ex;padding-right:1ex"><div dir="rtl"><div dir="ltr">Hi people,</div><div><div></div><div class="h5">
<div dir="ltr">As I setup my VPS/dedicated hosting here in Israel, I have been asked by the hosting company (Netvision) to either buy and bring a firewall or rent from them since the bandwidth I bought exceeds what is allowed under their firewall.</div>
<div dir="ltr">They're offering Cisco 1383 (or 1838, I don't remember exactly which model).</div><div dir="ltr"><br></div><div dir="ltr">As a person who really loves Linux, I thought to myself: Why do I need to buy/rent some proprietary Cisco solution? Can't Linux handle the firewall task well? I'm sure Cisco/Checkpoint solutions are great, but yet...</div>
<div dir="ltr"><br></div><div dir="ltr">So here's my question: If you were in my shoes, would you take a cisco or apply some Linux solution? If you say Linux solution, what kind of solution? Could you name an app/module/whatever that can do a good protection against the usual suspect and protect against stuff like DDoS attack? </div>
<div dir="ltr"><br></div><div dir="ltr">I prefer the Linux solution because then I can run other services on this machine (small mail server, nagios, etc..)</div><div dir="ltr"><br></div><div dir="ltr">Suggestions?</div>
<div dir="ltr">
<br></div><div dir="ltr">Thanks,</div><div dir="ltr">Hetz</div><div dir="ltr"><br>-- <br>my blog (hebrew): <a href="http://benhamo.org" target="_blank">http://benhamo.org</a><br>Skype: heunique<br>MSN: <a href="mailto:hetz-blog@benhamo.org" target="_blank">hetz-blog@benhamo.org</a><br>
</div>
</div></div></div>
<br><div class="im">_______________________________________________<br>
Linux-il mailing list<br>
<a href="mailto:Linux-il@cs.huji.ac.il" target="_blank">Linux-il@cs.huji.ac.il</a><br>
<a href="http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il" target="_blank">http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il</a><br>
<br></div></blockquote></div><br></div></blockquote></div></div><br clear="all"><br>-- <br>my blog (hebrew): <a href="http://benhamo.org">http://benhamo.org</a><br>Skype: heunique<br>MSN: <a href="mailto:hetz-blog@benhamo.org">hetz-blog@benhamo.org</a><br>
</div>