[plug] Advantages of Linux-based firewalls?

Leon Brooks leon at brooks.fdns.net
Wed Feb 28 10:23:40 WST 2001 

Andrew Furey wrote:

> Any great advantages, horror stories, irrefutable
> arguments, etc? Keep in mind he has an MCP in Access
> and is very much coming from a Windows background (he
> would definitely be capable of using Linux from an
> intelligence point of view, if he was at all
> interested).

* The obvious (safer, more stable)

* Linux box can cache stuff (names, at least)

* Linux box can proxy stuff more effectively

* Linux box can run a local DNS (makes things like FTP faster 'coz 
reverse DNS etc works)

* Linux box can run servers (e.g. IRC, Web, Web-SSL) which Windows box 
either can't, can't without crippling itself, or can't securely. Visit 
http://www.yi.org/ for a likely way to publish your address.

* One single Linux box can handle all of the features of a domain, or 
several (virtual) domains easily.

* Anybody can use your published services, not just the owners of 
specific software and specific equipment.

* An extra box means files etc are still available when Dad's machine is 
switched off, and Linux uses less power than Windows on the same box

* If a Linux box is compromised, it can tell you. With a Windows box the 
first notice is usually a call from your ADSL provider saying ``this is 
why we took you off the air.''

* Linux can easily be set up to survive power failures (ReiserFS) which 
98 sucks at and NTFS doesn't do reliably

* Linux can provide instant (type in one line) secure VPN to any other 
Unix system on the planet (PPTP is not secure, http://www.l0pht.com/ 
have tools for breaking it) with sshd and pppd installed.

* Automation is easy under Linux (e.g. he can send (parts of) certain 
emails to his SMS/pager, or hit a secure web page and have the coffee 
machine perking by the time he gets home (X-10), I don't know what 
pushes his button).

* A Linux box can do all of this, plus *expensive* stuff like SQL 
serving (yes, and ODBC), for an unlimited number of seats (odd that 
Microsoft should choose that term, I would have thought `faces' more 
appropriate) legally and for free. How's his conscience? How's his wallet?

* A Linux box doesn't send his details to Microsoft regularly.

* Linux software generally can't be remote disabled.

* You can find out *exactly* what your software is doing, and change it 
if it is not pleasing to you. You can also share your changes with 
friends and business associates.

...and there is always more...

-- 
If you can keep your head when all about you are losing theirs,
it's just possible you haven't grasped the situation. -- Jean Kerr

More information about the plug mailing list