Re: Linux firewall/IDS/NAT suggestions
From: Mark Hazell (nutts_at_penguinmail.com)
Date: Sun, 1 Jun 2003 23:38:58 +0100 To: email@example.com
On Fri, 30 May 2003 09:54:37 -0600 Petty, typed:
> I want to setup a Linux firewall for a small network of 15 machines
> connected live to the internet via broadband. I don't want to put
> something in place that has a glaring hole I don't know about that
> makes the installation more insecure with a false sense of security.
Why not try a distribution of Linux that is just meant specifically to
do the job of being a firewall/gateway. I use IPCop (www.ipcop.org) for
The latest version (1.3) uses a 2.4 kernel with iptables, and has Snort
IDS, squid proxy server, ssh remote access, port forwarding and VPN
support, all configurable through a web interface, and each part can be
disabled depending what you want running.
Fantastic bit of kit, and they release patches/security updates ASAP
when vulnerabilities are discovered.