View Single Post
  #9   (View Single Post)  
Old 11th February 2010
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by Simon View Post
My conclusion, is for a home user, or a small company(who doesn't need "Internet filtering use" and have no service to provide), implement an OpenBSD is not vital.
The topology used proves nothing.
  • A system with only one interface can only filter what is coming into itself. It will provide no value to any other device found in the segment in terms of filtering. Whatever nasty traffic is floating about your internal LAN segment has already breached the barrier between the Internet & your local network.
  • Typical firewall use has traffic flowing through it which will be filtered. This requires at least two interfaces. Diagrammatically:
    Code:
    Internet --- firewall --- switch --- end-point systems
Reply With Quote