Re: Linux firewall/IDS/NAT suggestions

From: Mark Hazell (nutts_at_penguinmail.com)
Date: 06/02/03

  • Next message: Hal Flynn: "New Focus Areas on SecurityFocus.com" 
    Date: Sun, 1 Jun 2003 23:38:58 +0100
To: focus-linux@securityfocus.com

    On Fri, 30 May 2003 09:54:37 -0600 Petty, typed:

    > I want to setup a Linux firewall for a small network of 15 machines
    > connected live to the internet via broadband. I don't want to put
    > something in place that has a glaring hole I don't know about that
    > makes the installation more insecure with a false sense of security.

    Hi,

    Why not try a distribution of Linux that is just meant specifically to
    do the job of being a firewall/gateway. I use IPCop (www.ipcop.org) for
    this purpose.
    The latest version (1.3) uses a 2.4 kernel with iptables, and has Snort
    IDS, squid proxy server, ssh remote access, port forwarding and VPN
    support, all configurable through a web interface, and each part can be
    disabled depending what you want running.

    Fantastic bit of kit, and they release patches/security updates ASAP
    when vulnerabilities are discovered.

    Cheers,
    Mark.

  • Next message: Hal Flynn: "New Focus Areas on SecurityFocus.com"

    Relevant Pages

    • Free American Broadband! (Long)
      ... Free American broadband! ... In France, you can get super-fast DSL, unlimited phone service and 100 TV ... Most Japanese consumers can get an Internet connection ... Canada and Hong Kong all have much faster Internet ...
      (alt.2600)
    • Oh joy!!
      ... broadband connections, and more of their population connected to them. ... What's less clear is how badly the country that gave birth to the Internet ... The inventory wouldn't cover other countries, but a cursory look shows the ... the U.S.'s three largest Internet service providers ...
      (rec.sport.pro-wrestling)
    • Re: Vista exceeds Apples installed base in first five weeks of shipment!
      ... Until quite recently, home networks were ... connectivity between their devices and to the Internet." ... "The number of home broadband users nationwide now equals the total ... number of Americans with any type of Internet connection in 2000, ...
      (comp.sys.mac.advocacy)
    • Up the Broadband Creek Without a Signal
      ... Options are Slim for Those without DSL or Cable ... say that new broadband networks would be coming soon. ... Other Internet connections using wireless and satellite ... "In my county there is no broadband available, other than satellite. ...
      (comp.dcom.telecom)
    • OT - Lousy expensive US download speeds
      ... My internet company, Cox, advertises 'crazy fast' internet acccess, a phrase that conveniently has no technical definition. ... However, as you can read below, Japan is offering speeds in the 100 mbps range for LESS MONEY than any US provider - yes '8 to 30 times faster'. ... Accelerating broadband speed in this country -- as well as in South Korea and much of Europe -- is pushing open doors to Internet innovation that are likely to remain closed for years to come in much of the United States. ... His company now offers speeds on fiber of up to 100 megabits per second -- 17 times as fast as the top speed generally available from U.S. cable. ...
      (rec.arts.mystery)