Questions on Setting up new Freebsd 4.9 NAT Firewall

Matthew Seaman m.seaman at
Tue Nov 25 11:59:02 PST 2003

On Tue, Nov 25, 2003 at 11:24:39AM -0800, Real Cucumber wrote:

> Does anyone know if FreeBSD 4.9 can withstand various attacks such as DoS straight out of the box, or does it require any 3rd party stateful packet firewalls etc.. to be installed?

Both of the built-in firewall packet filters (ipfw(8) and ipf(8))
feature stateful rulesets.  These can protect you against certain
types of DoS attacks.  Which one you choose is entirely a matter of
preference at this sort of level.

A well configured FreeBSD box is a very good choice for a firewall
system.  Plus if you confine the box to doing NAT+packet filtering,
you don't need much in the way of horsepower at all to cope with the
sort of traffic levels you can get on a cable modem connection.  An
old pentium with a couple of good NICs should be able to cope.



Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP:         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list