LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-07-2016, 10:37 AM   #16
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 5,882

Rep: Reputation: Disabled

There is more, for instance https://doc.pfsense.org/index.php/Se...nsparent_Proxy
 
Old 10-07-2016, 10:38 AM   #17
linux4evr5581
Member
 
Registered: Sep 2016
Posts: 207

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by onebuck View Post
Hi,

Yes, I did read the OP and to use the directed advice will provide that member with a list of ISO to install to the VM. Get off your high horse. We are trying to aid someone with their inquiry and to get to a potential Gnu/Linux that will be useful to that member's usage within the VM.

EDIT: The OP could then configure to suit the needs once installed.

Hope this helps.
Have fun & enjoy!
Thanks for the tips man I'll definitely check those out!
 
Old 10-07-2016, 10:43 AM   #18
linux4evr5581
Member
 
Registered: Sep 2016
Posts: 207

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Emerson View Post
Yeah I'll definitely look in pfsense too I know a lot of people use it, just not sure how it works but I guess its time to learn, thank you!
 
Old 10-07-2016, 10:51 AM   #19
linux4evr5581
Member
 
Registered: Sep 2016
Posts: 207

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by zeebra View Post
Damn Small Linux is fully usable. Just download the stable version, upgrade the Kernel if you need to. The rest you need to do manually anyways, in either scenario. So just do whatever you need to update it manually.

GCC for example. And then add whatever software you want, also manually.

Alternatively you can also use for example Debian 7 (pre-systemd) netinstall distro. It comes with a bare minimum and you can install whatever you want on top of that.
I heard it not good idea to use a distro without a dedicated security team.
 
Old 10-07-2016, 12:45 PM   #20
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 12,616
Blog Entries: 26

Rep: Reputation: 1988Reputation: 1988Reputation: 1988Reputation: 1988Reputation: 1988Reputation: 1988Reputation: 1988Reputation: 1988Reputation: 1988Reputation: 1988Reputation: 1988
Member response

Hi,

You could look at; Security Onion Introduction and Installation which is Ubuntu based but you can get the idea on how to setup;
Quote:
Security Onion Introduction and Installation
We’ve all been there, either standing over a spare computer or staring at a virtual machine thinking, “I want to build an IDS” but not wanting to embark on the painful process of installation and configuration. Indeed, this has been the desire of many since the earliest days of open-source IDS, and for the brave who are willing to follow pages of instructions for installation and management it is the first step of many towards standing up a brand spanking new IDS. Thankfully, the pain has been removed from that process by a new Linux distribution called Security Onion.
IDS (Intrusion Detection System);
Quote:
In computer security, the Linux Intrusion Detection System (LIDS) is a patch to the Linux kernel and associated administrative tools that enhances the kernel's security by implementing Mandatory Access Control (MAC). When LIDS is in effect, chosen file access, all system network administration operations, any capability use, raw device, memory, and I/O access can be made impossible, even for root. One can define which programs can access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. One can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more. LIDS currently supports Linux kernel 2.6, 2.4. LIDS is released under the terms of the GNU General Public License (GPL).
Setting up your Linux Proxy server then you can look at LDP Howto;
Quote:
http://www.tldp.org/HOWTO/Firewall-HOWTO-6.html

6. Preparing the Linux system

Install as little of the Linux system as you can. My installation started with a server configuration and then I turn off ever un-needed service in /etc/inetd.conf. For more security you should uninstall the unneeded service.
Because most distributions don't come with a kernel usefull to your purpose. You will need to compile your own kernel. It is best if you do this on a computer other then the firewall. If you do install a C compiler and utilities on your firewall, remove them after you have completed configuring your kernel.

Plus you can find more helpful information at TLDP.

Hope this helps.
Have fun & enjoy!
 
Old 10-07-2016, 01:25 PM   #21
linux4evr5581
Member
 
Registered: Sep 2016
Posts: 207

Original Poster
Rep: Reputation: Disabled
Wink

Quote:
Originally Posted by onebuck View Post
Hi,

You could look at; Security Onion Introduction and Installation which is Ubuntu based but you can get the idea on how to setup; IDS (Intrusion Detection System); Setting up your Linux Proxy server then you can look at LDP Howto;
Plus you can find more helpful information at TLDP.

Hope this helps.
Have fun & enjoy!
Security Onion does look pretty sweet, and I knew of hips, hids, and nids but never lids Thanks once again!!
 
Old 10-07-2016, 09:20 PM   #22
jefro
Moderator
 
Registered: Mar 2008
Posts: 15,868

Rep: Reputation: 2301Reputation: 2301Reputation: 2301Reputation: 2301Reputation: 2301Reputation: 2301Reputation: 2301Reputation: 2301Reputation: 2301Reputation: 2301Reputation: 2301
Almost every distro can run a proxy.

You could look to a site like distrowatch.com and search for the terms that you are looking for.

I'll put in a vote for Untangle.
 
Old 10-07-2016, 09:28 PM   #23
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 5,882

Rep: Reputation: Disabled
True, but dedicated distro comes with much less cruft.
 
Old 10-13-2016, 12:19 PM   #24
zeebra
Member
 
Registered: Dec 2011
Distribution: Mageia 3, Debian Wheezy, Maemo, Linux Mint 14.
Posts: 200

Rep: Reputation: Disabled
Quote:
Originally Posted by linux4evr5581 View Post
I heard it not good idea to use a distro without a dedicated security team.
Why? Damn small Linux is pretty much only the Kernel, GCC and some GNU components. All those parts have their own dedicated security teams and are updated individually (also for security related issues).

Damn Small Linux is fine to just start the computer and provide the basic GNU environment. Then you can update it as mentioned and build anything you want on top of there. For example adding SELinux and a KVM based Virtual Machine running in a secure environment.

It depends on the purpose. I assume the purpose of Damn Small Linux was to have a minimal environment to run a Virtual Machine that can be setup relatively easily and quickly. If you want a more update system, with less manual tasks once installed, with better fundamental security, which is still minimum Gentoo is a far better alternative. But it will take time to set up correctly, but provide you with what you need in form of a minimal environment where you can build a virtual machine.

But a basic Gentoo system is much larger than Damn Small Linux.

Last edited by zeebra; 10-13-2016 at 12:27 PM.
 
Old 10-13-2016, 02:56 PM   #25
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 5,882

Rep: Reputation: Disabled
Gentoo can be pretty small if you put portage elsewhere, NFS for instance.
 
Old 10-13-2016, 03:31 PM   #26
linux4evr5581
Member
 
Registered: Sep 2016
Posts: 207

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by zeebra View Post
Why? Damn small Linux is pretty much only the Kernel, GCC and some GNU components. All those parts have their own dedicated security teams and are updated individually (also for security related issues).

Damn Small Linux is fine to just start the computer and provide the basic GNU environment. Then you can update it as mentioned and build anything you want on top of there. For example adding SELinux and a KVM based Virtual Machine running in a secure environment.

It depends on the purpose. I assume the purpose of Damn Small Linux was to have a minimal environment to run a Virtual Machine that can be setup relatively easily and quickly. If you want a more update system, with less manual tasks once installed, with better fundamental security, which is still minimum Gentoo is a far better alternative. But it will take time to set up correctly, but provide you with what you need in form of a minimal environment where you can build a virtual machine.

But a basic Gentoo system is much larger than Damn Small Linux.
Quote:
Originally Posted by Emerson View Post
Gentoo can be pretty small if you put portage elsewhere, NFS for instance.
Good points I may reconsider DSL somewhere down the line then, but I really like Gentoo because I heard its the closest distro that resembles BSD...

Last edited by linux4evr5581; 10-13-2016 at 05:10 PM.
 
Old 10-13-2016, 03:34 PM   #27
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,184

Rep: Reputation: 1584Reputation: 1584Reputation: 1584Reputation: 1584Reputation: 1584Reputation: 1584Reputation: 1584Reputation: 1584Reputation: 1584Reputation: 1584Reputation: 1584
Interested to hear the similarities between Gentoo and *BSD. Have a link, or any input on the subject?
 
Old 10-13-2016, 03:53 PM   #28
linux4evr5581
Member
 
Registered: Sep 2016
Posts: 207

Original Poster
Rep: Reputation: Disabled
https://www.over-yonder.net/~fullerm...s/bsd4linux/04 There you go (chapter4 is where he talks about it) it has to do with the portage tree being being alot like BSD where they both build programs from source instead of binary packages....

Last edited by linux4evr5581; 10-13-2016 at 04:01 PM.
 
Old 10-13-2016, 04:00 PM   #29
Shadow_7
Senior Member
 
Registered: Feb 2003
Distribution: debian
Posts: 2,596
Blog Entries: 1

Rep: Reputation: 510Reputation: 510Reputation: 510Reputation: 510Reputation: 510Reputation: 510
Well, for the initial question:

ftp://distro.ibiblio.org/pub/linux/d...adme_first.txt
http://distro.ibiblio.org/damnsmall/...adme_first.txt

Those kind of explains why there are multple versions. Most times I look at the file size, and date/timestamp. For small things, you might download them all when in doubt. Otherwise the newest and largest is a good first guess.
 
Old 10-13-2016, 04:05 PM   #30
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 5,882

Rep: Reputation: Disabled
Gentoo can be hardened.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FTP connection, uploading and downloading files through Shell between unix and linux alertroshannow Linux - Newbie 2 02-16-2009 01:00 AM
downloading files via ftp FireRaven Linux - Software 1 12-08-2006 05:36 PM
Downloading Linux via FTP tokunbo Linux - Software 2 03-24-2006 06:33 AM
ftp downloading evaluator Linux - Software 4 10-09-2003 10:27 AM


All times are GMT -5. The time now is 08:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration