[ previous ] [ next ] [ threads ]
 From:  David Rodgers <david dot rodgers at kdsi dot net>
 To:  Richard Morrell <dick at dickmorrell dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Comparative Products to M0n0wall
 Date:  Thu, 11 Mar 2004 13:17:38 -0600
> Your comprehension is lax. SW GPL (not corporate) has millions of users. There 
> are corporates and schools, institutions and companies of all sizes (I have 
> emails from network admins of 5,000+ users using GPL) so I think that sort of 
> makes your argument above look utter rubbish.

Microsoft Windows has millions of users. This does not imply that ANY of
them have ANY idea what they are doing. You are talking about market
penetration not real functionality ... that doesn't mean something is
good it means that it is popular. There is a big difference in many
cases between popular and correct or good

> Please research your topic matter. I love M0n0wall to bits, it's got potential 
> but it's not got 1% of the penetration SW has and I hope that it succeeds to 
> get a whole lot more. You can't compare apples and pears at the end of the day 
> it's a NAT'ing firewall - any Linux box as long as its chunky running IPChains 
> and Masquerading and sensible security policies can protect any network of any 
> size. Thats the beauty of open source. Your argument above though was not very 
> well constructed and held little water.

Exactly the same thing can be said of ANY Freebsd or OpenBSD or even
(yes even) windows machine. But by running less services you stand far
less chance of having something exploited in the future .... 

as for mono being a nated firewall that's sort of true but it doesn't
have to be. You CAN turn nat off if you so desire and turn it into a
firewall between ANY type of networks including several different public

Also and this is fun ... for the ultimate in security with a few mouse
clicks you can create an ip address on one interface and connect
directly to it for administration and do filtered bridging through a
couple of other interfaces so you don't even have an ip address for evil
people to attempt a connection to.