standalone firewall

Steven M. Klass sklass@andigilog.com
Wed, 10 Jan 2001 07:29:59 -0700


         In my experience with firewall's one thing continues to guide 
me.  KISS -> Keep it simple stupid.  This goes for NOT only the distro, but 
also for any applications that you may put on your machine.  Linux is Linux 
- where and how each distro achieves it's end result may differ, but the 
simpler ones are what I like to stick to (Read Slackware :) ).  For a 
firewall, minimum is required.  Certainly no X, no services (except what's 
really needed (SSH2, DNS, SMTP)), no compilers, no mouse, and put it in a 
safe place.  Install Tripwire and forward your logs daily to someplace 
else.  Use a good IPChains script;  http://www.packetfilter.amotken.com/ 
builds a pretty good one, that needs minimal tweaks.  That's it.  Above all 
KISS...

Later
Steven

At 09:52 PM 1/9/01 -0700, John W wrote:
>  I'd like to open by saying thank you to those who helped me with the CDRW
>issue and say that all is well. Thanks again. I am looking into setting up an
>old box as a firewall for a Linux box and one windows box. I have looked into
>the Linuxrouter project and what I found seems to be rather dated. I have at
>my disposal Linux Mandrake 7.2, RH 6.2&7.0, Debian 2.2 Potato, FreeBSD 4.1
>and Storm Hail release. Would any of these suit my needs or might their be
>something specialized for this purpose. I am a newbie so user friendliness
>would be nice as well. I have no problems RTFM's to achieve what I am after.
>All help appreciated!
>--
>John Wheat
>
>________________________________________________
>See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't 
>post to the list quickly and you use Netscape to write mail.
>
>Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Steven M. Klass
Physical Design Engineering Manager

Andigilog Inc.
7404 W. Detroit Street, Suite 100
Chandler, AZ 85226
Ph: 602-940-6200 ext. 18
Fax: 602-940-4255

sklass@andigilog.com
http://www.andigilog.com/