Hi,
You forgot BSD on SPARC :-).
I have done SunOS/SPARC and BSDI/Intel (80585.99999:-).
Of the two, I guess I would have to opt for BSDI (SPARC or Intel) because
of the extra security features:
0. run states
The machine is in one of three run states which are
more or less security levels. The higher the state
the more the security. Levels can only be increased
without rebooting to a lower level.
1. the immutability of devices in certain run states
Disk drives become unwritable other than through the
filesystem (ie no write to /dev/rsdxx).
2. the `chflags' command which sets low level protection that
overrides the Unix standard chmod type protection.
For example: files can be made -
read only - they cannot be changed, even by root,
while the machine is in a high run level (regardless
of permissions)
append only (great for log files)
Sounds to me like all good things for a firewall.
Oh yeah, you can also get source and turn off all the nasty things you want,
like IP-FORWARDING and IP-SOURCE-ROUTING.
Colin
>
> I'm planning to build a dual-homed gateway using TIS's toolkit. I have
> two choices for hardware platform: a Sparcstation 2 running SunOS 4 or
> Solaris 2 or an Intel box running BSD. BSD has the drawback that I'm
> not familiar with it; SunOS 4 has the drawback that source routing is
> impossible (or just hard?) to disable; Solaris 2 has relatively few
> packages ported to it.
>
> Which do you think is best for this application?
>
> thanks,
>
> Steven Gaarder Network and Systems Administrator
> gaarder @
actech .
com A C Technology, Ithaca, N.Y., USA
>
References:
|
|
