Re: which distribution to choose
From: Bob Jones (lists_at_pavlodarproductions.com)
Date: Fri, 03 Dec 2004 11:36:48 -0600 To: Jochen Witte <firstname.lastname@example.org>, email@example.com
I can only vouch for 2 distributions that are new and have good
community support and updates. Fedora Core 3 (http://fedora.redhat.com)
and Mandrake 10.1 Community Edition available at
http://www.mandrakelinux.com/en/ftp.php3#10.1c. A good firewall package
that works very well (at least it does for me on the 4 systems I
administer) is Firestarter available at http://www.fs-security.com. For
ipsec vpn serving, look at Freeswan at http://www.freeswan.org.
Fedora Core 3 comes pre-configured to run SELinux in enforced mode (will
deny access rather than just warn of a problem) for enhanced security.
Both of these distributions can be setup with the apps you are seeking
(apache/squid for proxy, iptables with or without the firestarter
enhancements and interface, tripwire, openVPN/Freeswan) quite easily.
Additionally, both distributions support both a manual and an automatic
update system -- manually with up2date and automatic with the yum daemon
for FC3 and either a manual or scripted/CRON'ed urmpi command for Mandrake.
I understand that SuSE 9.2 Professional (about $90.00 US) also has the
same features. Having never used SuSE since ver. 5 or so (2.0.x kernel
series), I don't know how it compares to FC3 or Mandrake.
Hope this helps,
Jochen Witte wrote:
> I would like to set up a firewall to protect a small company network. What
> I would like to have is some kind of VPN solution (OpenVPN and ipsec),
> iptables firewalling and a secure distribution with some additional
> sec-related sofware (tripwire etc.). Also I need to run an Apache for
> My question is, which distribution to choose for such a
> setup. I would prefer a standard distribution for easy updates and
> community support. A specific "security-enhanced" distribution would do it
> also, if it is not too "pure" :)
> Any suggestions?