mailing list archives
RE: Suggestions Needed
From: "Tim V - DZ " <iceburn () dangerzone com>
Date: Tue, 25 Feb 2003 14:01:25 -0600
I would recommend using a task-specific product like Smoothwall
(www.smoothwall.org) it's designed to do just firewall-things. And if
you really want a firewall, you should not use the machine for anything
else, so the argument that 'using a full blown Install <Red hat for
example> is preferred because you can toy around and learn Linux' is
out, because every single "extra" thing you make that machine do can
potentially reduce it's effectiveness as a firewall.
Several on this list will undoubtedly point out that BSD is oft
considered more secure than Linux and thus recommend FreeBSD or OpenBSD.
While this _may_ be true, remember that a mis-configured firewall can be
worse than no firewall because it gives you a false sense of security.
Smoothwall, has pay and GPL versions. It's highly supported via a
GPL-mailing list and IRC channels. There are several configuration
documents and pages that veteran users have posted. It's where IPCop
came from, and smoothwall was created and is maintained by security
professionals in the field.
Other than that, any old Pentium with a sub-standard amount of RAM, and
nearly no hard disk will suffice for a multi user LAN. Just be sure you
have 2 network cards (or 3 if you want a DMZ to play in).
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.
From: Justyn [mailto:dragon () dlance com]
Sent: Monday, February 24, 2003 11:55 PM
To: security-basics () securityfocus com
Subject: Suggestions Needed
I'm a home user rather new to firewalls. I have a spare pc I want to use
as a firewall machine for our local lan of 2 workstations w/cable modem.
I'm wanting a linux/unix flavor os for the firewall system. Would I be
better off using a stripped down os that is tailored for firewall
machines or something like redhat/freebsd? Would would anyone suggestion
as a starting place to learn.