I'm preferential to Shorewall. I dunno how it compares to m0n0 or IPCop tho. But with all the exploits in IOS lately, I would not blame you for dropping the Cisco gear. Even if they are mad expensive.
Last edited by linux.llama; 10-15-2005 at 06:44 PM.
I'd recommend you read as many tutorials on iptables as you can and, when confident, build the firewall/router from scratch. It's the only way to make the firewall/router exactly as you want it. Plus, you will be able to troubleshoot it in case of glitches. Then make a script to add the rules after every reboot.
No, you are not nuts. In fact, we've had fewer problems administering and managing Linux iptables firewalls. Nothing against Cisco, but we've had several PIX firewalls fail on us, hardware or otherwise. There's nothing wrong with using a Linux iptables firewall; in fact, they are all over the place in enterprise environments.
Cisco is a hardware-based firewall, which is more robust and used especially in high-traffic network environments, whereas using Linux as a router is a software-based solution. If your network has significantly less traffic, then it is more effective and less costly to embrace Linux.
That brings up a good point. Even though there are software and hardware firewalls, you have to use those terms loosely, because the hardware firewall has to have software, i.e. firmware. And since iptables is on the kernel level, isn't a Linux firewall pretty close to a hardware firewall?
I'm just curious. Because the kernel administers the rules before it even reaches the user space, right?