Hello Guys n Gals, Question: Have a small network of 5 people. Need to get a router for 2 Internet links, VPN, Firewall, IPS, Content & Application Filtering. Which is a better solution.. purchase a CISCO router or implement a *NIX solution on an old server? -- Regards, Joe Linux User: #361092 SIP: joe.njeru@ekiga.net
On Tue, Aug 4, 2009 at 5:49 PM, Joe Murithi Njeru <joe.njeru@gmail.com>wrote:
Hello Guys n Gals,
Question: Have a small network of 5 people. Need to get a router for 2 Internet links, VPN, Firewall, IPS, Content & Application Filtering.
Which is a better solution.. purchase a CISCO router or implement a *NIX solution on an old server?
Hi Joe, What is IPS? You know, abbreviations may not be that obvious:-) Let's see what we've got: Suppose you did it the Cisco way, would it do content & application filtering? At what cost? Me thinks that while Cisco may be better in handling the dual links, it may not be best suited for the other requirements unless you have a huge budget. I am not an expert with Cisco! OTOH a unix box would easily let you achieve your requirements. The only challenge would be how you intend to use the two links. If you'd like to load-balance between them, some tweaking on the firewall would be required. If you need to split the traffic between them, then that would be easily achieved by your NAT rules. So with a*NIX box, the only challenge is the load balancing bit and zero cost (not absolute zero since time is costed). -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube
Hi Odhiambo, IPS stands for Intrusion Prevention System. The dual links provide redundancy should 1 provider be down. Typically the two links will be: an ADSL/3G link. a Fibre/Wireless link. Content filtering involves blocking facebook, XXX sites plus whatever they require blocked. -----Original Message---- From: Odhiambo ワシントン <odhiambo@gmail.com> To: joe.njeru@gmail.com, Skunkworks forum <skunkworks@lists.my.co.ke> Cc: Skunkworks List <skunkworks@my.co.ke> Subject: Re: [Skunkworks] Router VS *NIX PC Date: Tue, 4 Aug 2009 17:59:30 +0300 On Tue, Aug 4, 2009 at 5:49 PM, Joe Murithi Njeru <joe.njeru@gmail.com> wrote: Hello Guys n Gals, Question: Have a small network of 5 people. Need to get a router for 2 Internet links, VPN, Firewall, IPS, Content & Application Filtering. Which is a better solution.. purchase a CISCO router or implement a *NIX solution on an old server? Hi Joe, What is IPS? You know, abbreviations may not be that obvious:-) Let's see what we've got: Suppose you did it the Cisco way, would it do content & application filtering? At what cost? Me thinks that while Cisco may be better in handling the dual links, it may not be best suited for the other requirements unless you have a huge budget. I am not an expert with Cisco! OTOH a unix box would easily let you achieve your requirements. The only challenge would be how you intend to use the two links. If you'd like to load-balance between them, some tweaking on the firewall would be required. If you need to split the traffic between them, then that would be easily achieved by your NAT rules. So with a*NIX box, the only challenge is the load balancing bit and zero cost (not absolute zero since time is costed). -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube -- Regards, Joe Linux User: #361092 SIP: joe.njeru@ekiga.net
2009/8/4 Joe Murithi Njeru <joe.njeru@gmail.com>
Hi Odhiambo,
IPS stands for Intrusion Prevention System.
Nice. I thought Investment Promotional Services ;-) You should have used IDS/IPS since you need to detect/prevent, or?
The dual links provide redundancy should 1 provider be down. Typically the two links will be: an ADSL/3G link. a Fibre/Wireless link.
Content filtering involves blocking facebook, XXX sites plus whatever they require blocked.
A FreeBSD box would easily address your problem, moreso if you can use PF and craft good rules for it to do the load balancing. PFSense would have been handy for this, given the GUI, but I am not sure how easily you'll get to install the other applications required, given that I have never used PFSense beyond running it from the CD. I have once played with PF and load balancing of two links sometimes back but crashed that disk (it was a SCSI one) and cannot recover it. I have taken some time to try and remember how it went then, even the PF.conf that I believed I shared on the net but cannot locate it using google. The closest I've come to implementing the load balancing portion of this is * http://tinyurl.com/mkopb7*. Ignore as much as you are willing to and delve down to the PF rules. They should work well with FreeBSD 7.x if that is what you decide to use. Once you bag that, the rest is damn easy: For content Filtering - Use transparent proxy with Squid and Dansguardian (squid from ports, Dansguardian by hand!) For IDS/IPS - Snort+ACID+MySQL (easy to install from the ports) For VPN - use mpd5 from the ports. Looking at all this, one whole day and you are up and running with FreeBSD:-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube
ask a geek for shopping advice and that shall be the start of a wikipedia article On 04/08/2009, Odhiambo ワシントン <odhiambo@gmail.com> wrote:
2009/8/4 Joe Murithi Njeru <joe.njeru@gmail.com>
Hi Odhiambo,
IPS stands for Intrusion Prevention System.
Nice. I thought Investment Promotional Services ;-) You should have used IDS/IPS since you need to detect/prevent, or?
The dual links provide redundancy should 1 provider be down. Typically the two links will be: an ADSL/3G link. a Fibre/Wireless link.
Content filtering involves blocking facebook, XXX sites plus whatever they require blocked.
A FreeBSD box would easily address your problem, moreso if you can use PF and craft good rules for it to do the load balancing. PFSense would have been handy for this, given the GUI, but I am not sure how easily you'll get to install the other applications required, given that I have never used PFSense beyond running it from the CD. I have once played with PF and load balancing of two links sometimes back but crashed that disk (it was a SCSI one) and cannot recover it. I have taken some time to try and remember how it went then, even the PF.conf that I believed I shared on the net but cannot locate it using google. The closest I've come to implementing the load balancing portion of this is * http://tinyurl.com/mkopb7*. Ignore as much as you are willing to and delve down to the PF rules. They should work well with FreeBSD 7.x if that is what you decide to use. Once you bag that, the rest is damn easy: For content Filtering - Use transparent proxy with Squid and Dansguardian (squid from ports, Dansguardian by hand!) For IDS/IPS - Snort+ACID+MySQL (easy to install from the ports) For VPN - use mpd5 from the ports.
Looking at all this, one whole day and you are up and running with FreeBSD:-)
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube
-- with Regards: Find out how you can own your own TFT T.V. at a fraction of the cost on my blog: http://gramware.blogspot.com
Hi Odiambo, Yes detection & prevention must come together. Interesting how so far guys think the *NIX box is a better deal than purchasing a router. -----Original Message----- From: Odhiambo ワシントン <odhiambo@gmail.com> To: joe.njeru@gmail.com Cc: Skunkworks forum <skunkworks@lists.my.co.ke>, Skunkworks List <skunkworks@my.co.ke> Subject: Re: [Skunkworks] Router VS *NIX PC Date: Tue, 4 Aug 2009 21:41:40 +0300 2009/8/4 Joe Murithi Njeru <joe.njeru@gmail.com> Hi Odhiambo, IPS stands for Intrusion Prevention System. Nice. I thought Investment Promotional Services ;-) You should have used IDS/IPS since you need to detect/prevent, or? The dual links provide redundancy should 1 provider be down. Typically the two links will be: an ADSL/3G link. a Fibre/Wireless link. Content filtering involves blocking facebook, XXX sites plus whatever they require blocked. A FreeBSD box would easily address your problem, moreso if you can use PF and craft good rules for it to do the load balancing. PFSense would have been handy for this, given the GUI, but I am not sure how easily you'll get to install the other applications required, given that I have never used PFSense beyond running it from the CD. I have once played with PF and load balancing of two links sometimes back but crashed that disk (it was a SCSI one) and cannot recover it. I have taken some time to try and remember how it went then, even the PF.conf that I believed I shared on the net but cannot locate it using google. The closest I've come to implementing the load balancing portion of this is http://tinyurl.com/mkopb7. Ignore as much as you are willing to and delve down to the PF rules. They should work well with FreeBSD 7.x if that is what you decide to use. Once you bag that, the rest is damn easy: For content Filtering - Use transparent proxy with Squid and Dansguardian (squid from ports, Dansguardian by hand!) For IDS/IPS - Snort+ACID+MySQL (easy to install from the ports) For VPN - use mpd5 from the ports. Looking at all this, one whole day and you are up and running with FreeBSD:-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube -- Regards, Joe Linux User: #361092 SIP: joe.njeru@ekiga.net
lemme add to Wash's take, inline.... 2009/8/5 Joe Murithi Njeru <joe.njeru@gmail.com>:
Hi Odiambo,
Yes detection & prevention must come together.
IDS - Snort. IPS - psad - http://cipherdyne.org/psad/. Used this combination before and works great. BR, S
I would suggest you go for a mikrotik, it does all of the above but not so sure bout the IPS.It's cheaper than other routers and most of all based on GNU/Linux.Or you can get to install in a x86 box and power xen to run other stuff for you. On Thu, Aug 6, 2009 at 6:30 PM, Steve Muchai <smuchai@gmail.com> wrote:
lemme add to Wash's take, inline....
2009/8/5 Joe Murithi Njeru <joe.njeru@gmail.com>:
Hi Odiambo,
Yes detection & prevention must come together.
IDS - Snort. IPS - psad - http://cipherdyne.org/psad/. Used this combination before and works great.
BR, S _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
A linux PC as started earlier you would have problems with Content & Application Filtering which you can use Dansquardian and port filtering.For loadbalancing suggest you use BalanceNG.OpenVPN for VPN finally you have your iptables and Snort for the firewall and IPS and you can set up a DMZ if you want to access the 5 or so Comps remotely... PS:All this ca be used on Ubuntu platform... On 8/6/09, Jamal Mohamed <jamal.worx@gmail.com> wrote:
I would suggest you go for a mikrotik, it does all of the above but not so sure bout the IPS.It's cheaper than other routers and most of all based on GNU/Linux.Or you can get to install in a x86 box and power xen to run other stuff for you.
On Thu, Aug 6, 2009 at 6:30 PM, Steve Muchai <smuchai@gmail.com> wrote:
lemme add to Wash's take, inline....
2009/8/5 Joe Murithi Njeru <joe.njeru@gmail.com>:
Hi Odiambo,
Yes detection & prevention must come together.
IDS - Snort. IPS - psad - http://cipherdyne.org/psad/. Used this combination before and works great.
BR, S _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
Might I suggest using something like Untangle (http://www.untangle.com). Very good with content filtering, Can run as its own server or as a windows based app. On Fri, Aug 7, 2009 at 11:37 AM, Jonah Tech <jonahte@gmail.com> wrote:
A linux PC as started earlier you would have problems with Content & Application Filtering which you can use Dansquardian and port filtering.For loadbalancing suggest you use BalanceNG.OpenVPN for VPN finally you have your iptables and Snort for the firewall and IPS and you can set up a DMZ if you want to access the 5 or so Comps remotely...
PS:All this ca be used on Ubuntu platform...
On 8/6/09, Jamal Mohamed <jamal.worx@gmail.com> wrote:
I would suggest you go for a mikrotik, it does all of the above but not so sure bout the IPS.It's cheaper than other routers and most of all based on GNU/Linux.Or you can get to install in a x86 box and power xen to run other stuff for you.
On Thu, Aug 6, 2009 at 6:30 PM, Steve Muchai <smuchai@gmail.com> wrote:
lemme add to Wash's take, inline....
2009/8/5 Joe Murithi Njeru <joe.njeru@gmail.com>:
Hi Odiambo,
Yes detection & prevention must come together.
IDS - Snort. IPS - psad - http://cipherdyne.org/psad/. Used this combination before and works great.
BR, S _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- Regards, Brian Ngure
FreeBSD's cryptographic framework is perfect for VPN scenarios - with throughput and latency in mind.
On Tue, Aug 4, 2009 at 5:49 PM, Joe Murithi Njeru<joe.njeru@gmail.com> wrote:
Which is a better solution.. purchase a CISCO router or implement a *NIX solution on an old server?
Others may provide you further info on which is better, but if you end up choosing the second option, you may want to take a look at Vyatta (http://www.vyatta.org). And the old server thing... well your increasing the possibility of the system failing with old hardware. gms
If you go the latter have a look at PFSense http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=4... On Tue, Aug 4, 2009 at 6:07 PM, Glenn Sequeira <gsequeira@gmail.com> wrote:
On Tue, Aug 4, 2009 at 5:49 PM, Joe Murithi Njeru<joe.njeru@gmail.com> wrote:
Which is a better solution.. purchase a CISCO router or implement a *NIX solution on an old server?
Others may provide you further info on which is better, but if you end up choosing the second option, you may want to take a look at Vyatta (http://www.vyatta.org). And the old server thing... well your increasing the possibility of the system failing with old hardware.
gms _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
Hey Rad!, Long time! Hope u'r well. Pfsense is a good option.. already tried in various sites as a Firewall/Gateway. Just don't know how well it would scale as a 'router'. -----Original Message----- From: Rad! <conradakunga@gmail.com> Reply-to: Skunkworks forum <skunkworks@lists.my.co.ke> To: Skunkworks forum <skunkworks@lists.my.co.ke> Subject: Re: [Skunkworks] Router VS *NIX PC Date: Tue, 4 Aug 2009 18:14:00 +0300 If you go the latter have a look at PFSense http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=4... On Tue, Aug 4, 2009 at 6:07 PM, Glenn Sequeira <gsequeira@gmail.com> wrote: On Tue, Aug 4, 2009 at 5:49 PM, Joe Murithi Njeru<joe.njeru@gmail.com> wrote: > Which is a better solution.. purchase a CISCO router or implement a *NIX > solution on an old server? Others may provide you further info on which is better, but if you end up choosing the second option, you may want to take a look at Vyatta (http://www.vyatta.org). And the old server thing... well your increasing the possibility of the system failing with old hardware. gms _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general -- Regards, Joe Linux User: #361092 SIP: joe.njeru@ekiga.net
FreeBsd box, can answer all your prayers on this. On 8/4/09, Joe Murithi Njeru <joe.njeru@gmail.com> wrote:
Hey Rad!,
Long time! Hope u'r well.
Pfsense is a good option.. already tried in various sites as a Firewall/Gateway.
Just don't know how well it would scale as a 'router'.
-----Original Message----- From: Rad! <conradakunga@gmail.com> Reply-to: Skunkworks forum <skunkworks@lists.my.co.ke> To: Skunkworks forum <skunkworks@lists.my.co.ke> Subject: Re: [Skunkworks] Router VS *NIX PC Date: Tue, 4 Aug 2009 18:14:00 +0300
If you go the latter have a look at PFSense http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=4...
On Tue, Aug 4, 2009 at 6:07 PM, Glenn Sequeira <gsequeira@gmail.com> wrote: On Tue, Aug 4, 2009 at 5:49 PM, Joe Murithi Njeru<joe.njeru@gmail.com> wrote:
> Which is a better solution.. purchase a CISCO router or implement a *NIX > solution on an old server?
Others may provide you further info on which is better, but if you end up choosing the second option, you may want to take a look at Vyatta (http://www.vyatta.org). And the old server thing... well your increasing the possibility of the system failing with old hardware.
gms
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general -- Regards,
Joe Linux User: #361092 SIP: joe.njeru@ekiga.net
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/
Take a look at Untangle. It could meet some of your needs. On 8/4/09, Gichuki John Chuksjonia <chuksjonia@gmail.com> wrote:
FreeBsd box, can answer all your prayers on this.
On 8/4/09, Joe Murithi Njeru <joe.njeru@gmail.com> wrote:
Hey Rad!,
Long time! Hope u'r well.
Pfsense is a good option.. already tried in various sites as a Firewall/Gateway.
Just don't know how well it would scale as a 'router'.
-----Original Message----- From: Rad! <conradakunga@gmail.com> Reply-to: Skunkworks forum <skunkworks@lists.my.co.ke> To: Skunkworks forum <skunkworks@lists.my.co.ke> Subject: Re: [Skunkworks] Router VS *NIX PC Date: Tue, 4 Aug 2009 18:14:00 +0300
If you go the latter have a look at PFSense http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=4...
On Tue, Aug 4, 2009 at 6:07 PM, Glenn Sequeira <gsequeira@gmail.com> wrote: On Tue, Aug 4, 2009 at 5:49 PM, Joe Murithi Njeru<joe.njeru@gmail.com> wrote:
> Which is a better solution.. purchase a CISCO router or implement a *NIX > solution on an old server?
Others may provide you further info on which is better, but if you end up choosing the second option, you may want to take a look at Vyatta (http://www.vyatta.org). And the old server thing... well your increasing the possibility of the system failing with old hardware.
gms
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general -- Regards,
Joe Linux User: #361092 SIP: joe.njeru@ekiga.net
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com
{FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
-- Sent from my mobile device
Hi Glen, Reason I went for old server is too keep costs down. Also, since the service will be on 24/7 better to use a machine that's designed to be up 24/7... Old means cheap :-) -----Original Message----- From: Glenn Sequeira <gsequeira@gmail.com> To: joe.njeru@gmail.com, Skunkworks forum <skunkworks@lists.my.co.ke> Subject: Re: [Skunkworks] Router VS *NIX PC Date: Tue, 4 Aug 2009 18:07:45 +0300 On Tue, Aug 4, 2009 at 5:49 PM, Joe Murithi Njeru<joe.njeru@gmail.com> wrote:
Which is a better solution.. purchase a CISCO router or implement a *NIX solution on an old server?
Others may provide you further info on which is better, but if you end up choosing the second option, you may want to take a look at Vyatta (http://www.vyatta.org). And the old server thing... well your increasing the possibility of the system failing with old hardware. gms -- Regards, Joe Linux User: #361092 SIP: joe.njeru@ekiga.net
participants (12)
-
Alex Nderitu -
Brian Ngure -
Dennis Kioko -
Gichuki John Chuksjonia -
Glenn Sequeira -
Jamal Mohamed -
Joe Murithi Njeru -
Jonah Tech -
Odhiambo ワシントン -
Patrick Kariuki -
Rad! -
Steve Muchai