Re: Linux firewall/IDS/NAT suggestions

From: Mark Hazell (nutts_at_penguinmail.com)
Date: 06/02/03

  • Next message: Hal Flynn: "New Focus Areas on SecurityFocus.com"
    Date: Sun, 1 Jun 2003 23:38:58 +0100
    To: focus-linux@securityfocus.com
    
    

    On Fri, 30 May 2003 09:54:37 -0600 Petty, typed:

    > I want to setup a Linux firewall for a small network of 15 machines
    > connected live to the internet via broadband. I don't want to put
    > something in place that has a glaring hole I don't know about that
    > makes the installation more insecure with a false sense of security.

    Hi,

    Why not try a distribution of Linux that is just meant specifically to
    do the job of being a firewall/gateway. I use IPCop (www.ipcop.org) for
    this purpose.
    The latest version (1.3) uses a 2.4 kernel with iptables, and has Snort
    IDS, squid proxy server, ssh remote access, port forwarding and VPN
    support, all configurable through a web interface, and each part can be
    disabled depending what you want running.

    Fantastic bit of kit, and they release patches/security updates ASAP
    when vulnerabilities are discovered.

    Cheers,
    Mark.


  • Next message: Hal Flynn: "New Focus Areas on SecurityFocus.com"