[Hampshire] Firewall stuff

Author: Isaac Close
Date:  
To: hampshire
Subject: [Hampshire] Firewall stuff
Hello peeps,

I've been having a long, drawn-out argument with someone about this as of late.
And what's added to the situation is that one of my boxes got heavily spammed on Monday, resulting in a fairly bad DoS.

Normally when I build an email server I have a recipient accept list; that is, any name not on the list gets bounced by Postfix, and thus NOT processed by SpamAssassin etc. If this had been in place on Monday, there would not have been a DoS, as it was only 11,000 spams during the day, which I consider not too bad.

However, since I'm using a 'recommended' SME (rubbish) server as a bet, it fell to its knees, to my delight. That's only a start. The person in question arguing the toss states that I need a hardware firewall, for example 'Endian'.

No I don't, I use iptables.

Without harping on too much about this subject, I was wondering about other people's opinions about the need for a BIG SHINY EXPENSIVE EVERYTHING WILL BE OK BS FIREWALL BOX, and perhaps to know what other people are using.

I don't run Windows machines. I packet filter on every box; it's a chore, but I know what's going on to some degree at least, and I try to configure Apache, Postfix and the rest as best I can. And to my knowledge and my IDS, my networks seem to be fairly secure.

I want to be wrong.

Isaac Close
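
Added example (not part of the message above): a Postfix main.cf sketch of the recipient accept list the message describes, where mail for unknown recipients is refused during the SMTP dialogue, before a content filter such as SpamAssassin ever sees it. The domains, addresses and the table path are placeholders assumed for illustration.

```ini
# /etc/postfix/main.cf  (constructed example; domains and paths are placeholders)

# Weak setting: an empty table list switches recipient validation off, so
# every local-part is accepted and passed on to the content filter.
#local_recipient_maps =

# Domain delivered on this host: accept only recipients found in these
# tables (this value is the Postfix default).
mydestination = example.org, localhost
local_recipient_maps = proxy:unix:passwd.byname $alias_maps

# Domain relayed to an internal mailbox server: list the valid addresses.
relay_domains = example.net
relay_recipient_maps = hash:/etc/postfix/relay_recipients

# Reject unlisted recipients at RCPT TO with a permanent error (both are
# the defaults; stated here so the behaviour is explicit).
smtpd_reject_unlisted_recipient = yes
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550

# /etc/postfix/relay_recipients  (one valid address per line; the value
# on the right is required by the table format but not used):
#   alice@example.net    OK
#   bob@example.net      OK
# Rebuild the table and reload after editing:
#   postmap /etc/postfix/relay_recipients && postfix reload
```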


