Re: Firewall options- which way to go

From: Steve Bremer (steveb@nebcoinc.com)
Date: 10/15/02


From: "Steve Bremer" <steveb@nebcoinc.com>
To: Leon Pholi <L.Pholi@secureinteractive.com>
Date: Tue, 15 Oct 2002 16:02:33 -0500


> 1) Is it better to use a purpose built distribution such as
> Smoothwall, IPCop or firewall specific ones from Redhat, Mandrake,
> SuSE etc, or, would it be better to use a standard distro & built it
> from scratch (bearing in mind I haven't yet recompiled a kernel but
> I'm willing to give that a go too)?

You'll learn a lot more about Linux by building it from scratch.
However, time is a luxury you may not have.

>
> 2) If building from scratch, kernel version 2.4 supports both
> ipchains & iptables (newer)- does anyone have a strong view on using
> one over the other? If using a purpose built one, does anyone have any
> experienced based preferences?

Definitely IPTABLES. It can keep track of connection state where
ipchains cannot.

>
> 3) Other than just suggesting to do a google search, are there any
> resources (a simple step by step howto would be good) you would
> recommend for the suggested approach?

Look at www.tldp.org. Also, do a google search for "Iptables
Tutorial". There is a good tutorial available that was written by
Oskar Andreasson.

Steve Bremer
NEBCO, Inc.