Firewalls

[George Toft]

Another box that is dedicated to being a firewall.  It's a philosophical
point as firewalls should be just that - fortified hosts that can 
withstand the attacks from the Internet.  You should have two boxes
for the same reason most physically secure installations have multiple
locks - it takes time to break through each one, which gives you the
chance to catch them.

My suggestion (in order):
Dump Red Hat (no Holy War - I notified Red Hat about the Millennium
Internet Worm's three exploits over two years ago, and they didn't 
fix it until version 7.1 - they are slower than Microsoft WRT security)
http://georgetoft.com/plug/presentations/security/SecuringLinux.htm
http://georgetoft.com/security/index.html
http://georgetoft.com/linux/firewall/index.html

Read all of the reference, too.

George
"Naive by Nature, Paranoid by Experience."


Tom Achtenberg wrote:
> 
> This may have recently been discussed, but I need to know now.  What is a good firewall to use on a RH7.0 workstation that has an always on internet connection?  Does RH have one that is part of the install?  At this point the only thing between the internet and my workstation is a simple hub.
> 
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> 
> PLUG-discuss mailing list  -  PLUG-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss