Linux - Networking
This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
I want to replace my Belkin gateway with a PC that is running mdk 9.1. It will need to support WinXP clients that have to share files as well as internet (of course).
    cable modem
         |
     pc (mdk 9)
         |
        hub
       |   |
  1 win xp clients 2
Want to be able to detect a prick window$ point&clicker meddling in my files. Thought was to replace the current Belkin gateway with a PC running Linux of some flavor (decided on Mandrake). Bad or good idea (lost my question mark key). Suggestions on detection and prevention, basic net security ideas - any help would be given a big thanks!
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
I would not use a full-blown distro for a firewall (i.e. no Mandrake, no Red Hat, no SuSE, etc). They are all tailored to install a lot of things by default to make your life easier. The problem is that all those extra packages also make security exploits a lot easier. They do not belong on a firewall.
From this point you have several choices. You could use a dedicated Linux distro for firewalls, such as IPCop, Astaro, etc (there are several others of varying degrees of usefulness). You could build a from scratch distro of Linux and only add the stuff you need (build your own kernel, etc). I'm assuming you want this to be Linux, but I just have to mention that OpenBSD is just about tailor-made for being a bastion host. OBSD installs very minimally, less than 200MB with the bare basics. Then you configure pf and you're on your way.
I digress. As for packages, obviously if it's Linux you need to build the kernel with iptables support. You will want the Snort package for NIDS and Tripwire for HIDS. You may want to install Bastille to help you lock the box down. Your logs should be sent to an internal machine (syslog is very good for this). You may wish to configure Squid as an HTTP proxy, but for few clients this might be more trouble than it's worth. If you do install Squid, make VERY SURE it's not accessible from the Internet side. Open proxies generate a lot of ill-will towards their owners and likely your ISP will revoke your account.
O'Reilly's Building Internet Firewalls is highly recommended reading, and Hacking Exposed wouldn't be a bad read, either (you can probably pick up old editions very cheaply since a new ed. comes out every several months).
Try smoothwall (http://smoothwall.org) as well for an out of the box firewall distro that I found really easy to get installed on an old piece of tin I had lying around.
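The packet-filter side of the advice above (iptables on the gateway, Squid kept off the Internet side, drops logged so syslog can ship them to an internal host), as an added example that is not from any poster in this thread. The interface names, LAN subnet, Squid port 3128, the NetBIOS/SMB egress block and the log prefixes are assumptions.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a two-NIC NAT gateway.
# Interfaces, subnet, Squid port and log prefixes are assumptions, not from the thread.
gateway_rules() {
    [ "$#" -ge 3 ] || { echo "usage: gateway_rules WAN_IF LAN_IF LAN_NET [SQUID_PORT]" >&2; return 1; }
    wan_if=$1 lan_if=$2 lan_net=$3 squid_port=${4:-3128}
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Share the single cable-modem address with the LAN clients.
-A POSTROUTING -o $wan_if -s $lan_net -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Squid answers the LAN side only; nothing opens it on the Internet side.
-A INPUT -i $lan_if -s $lan_net -p tcp --dport $squid_port -j ACCEPT
# Log unsolicited traffic from the Internet side; the DROP policy discards it.
-A INPUT -i $wan_if -m limit --limit 5/min -j LOG --log-prefix "WAN-IN: "
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Windows file sharing stays on the hub: no NetBIOS/SMB out to the Internet.
-A FORWARD -o $wan_if -p tcp -m multiport --dports 135,139,445 -j DROP
-A FORWARD -o $wan_if -p udp -m multiport --dports 137,138 -j DROP
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
-A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FWD-DROP: "
COMMIT
EOF
}

# Stand-alone use: ./gateway_rules.sh eth0 eth1 192.168.1.0/24 | iptables-restore
if [ "$#" -gt 0 ]; then gateway_rules "$@"; fi
```

Load the output as root with `iptables-restore` and enable routing with `echo 1 > /proc/sys/net/ipv4/ip_forward`. The LOG rules write to the kernel log, which syslog can then forward to the internal log host recommended above.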