LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-08-2002, 11:34 AM   #1
rootlinux
Member
 
Registered: Dec 2001
Location: California
Distribution: Red Hat 7.2, Slackware 8.0
Posts: 53

Rep: Reputation: 15
Need some advice on my Firewall/Setup/Computer


Hello everyone,

I have a question about a firewall im going to set up. I was given an old computer, so I figured it would be a great opportunity to practice setting up firewalls, IPtables, IPMasquerading etc.

Here are the specs on the computer im going to use:

IBM Aptiva (still finding out all the information)
P166
80mb RAM
2gig Hard Drive--(It's a SCSI, so im trying to find out information for this drive...any suggestions?)
Rest are basics: keyboard, mouse, monitor etc.

This is the machine im going to be using for my firewall and eventually, IPMasquerading.

My question is, does anyone have a suggestion on which distribution would work best for a firewall? Im thinking of Debian, Slackware and possibly loading on OpenBSD through an FTP download.

Just wanted to get some feedback and suggestions here. Any suggestions would be great as well as links that would help.

THanks everyone!

RL
 
Old 03-09-2002, 11:10 AM   #2
dewcansam
Member
 
Registered: Nov 2001
Location: Hi Hat KY USA
Distribution: RedHat, Mandrake
Posts: 63

Rep: Reputation: 15
Check out http://trinux.sourceforge.net/ . Trinux is a version that runs off a floppy. Runs only the services needed to be a firewall and nothing else. Even better find a way to run the system with the floppy write protected. Shouldn't be that hard.
Also check out http://www.linuxsecurity.com .

One last thing I read somewhere that the easiest and most secure thing that you can do is to run a firewall on a shutdown box. How do you do that? The interface that your using, and Ipchains (might be missing somethin here, cause I thought that there were three items) are all that is needed to run a firewall. So take them out of rc0.d so that they are left running when the system goes down. Issue the shutdown command. But, don't turn the box off. Run to another computer and see if you can still browse the internet and such. All this information was taken from a article somewhere out there. So I suggest that if you want a better description than what I am giving you do a google search.
 
Old 03-09-2002, 11:19 AM   #3
dewcansam
Member
 
Registered: Nov 2001
Location: Hi Hat KY USA
Distribution: RedHat, Mandrake
Posts: 63

Rep: Reputation: 15
Found these for ya.

http://linux.oreillynet.com/pub/a/ne...ll.html?page=2

http://edge.fireplug.net/

See if that helps.
 
Old 03-09-2002, 01:03 PM   #4
rootlinux
Member
 
Registered: Dec 2001
Location: California
Distribution: Red Hat 7.2, Slackware 8.0
Posts: 53

Original Poster
Rep: Reputation: 15
THANK YOU!! I really appreciatey our reply. It gives me somewhere to start.

Thanks again!!!

RL
 
Old 03-10-2002, 11:59 PM   #5
bbenz3
Member
 
Registered: Feb 2002
Location: Orlando
Distribution: Whatever I feel like at the time I install.
Posts: 284

Rep: Reputation: 30
I just installed redhat 7.1 and updated the kernel and other related things such as iptables. I then found a iptables script that one of the moderators had posted as an example and then modded it to fit my router.
Here is a brief rundown of what mine does:
2 NICs soon to be 3 (3c509 10mb) pull IPs from cable modem
eth1 and eth2
1 NIC on int LAN (3c515 100mb) attaches to int network
eth0
DHCP server on eth0
full firewall script on eth 1 and 2
running a client that auto redirects ports.
ssh into box from int network but blocked from ext.
FTP server running behind it

The reason for multiple ext IPs is that my roomate and I occassionally play the same game on the internet behind the router together. Therefore his main box goes through oen ext IP and my main box through the other one.

PS I have tried several of the linux floppy routers but I was never fully satisfied b/c they are just your basic settings and usually aren't too extensive as far as customizing.
 
Old 03-13-2002, 05:26 PM   #6
LinuzRulz
Member
 
Registered: Jan 2002
Location: Confederate States of America
Distribution: Mandrake 9.0
Posts: 197

Rep: Reputation: 31
Mdk

Mandrake has a security distro that I read a couple of good reviews about. About 200M download. even has a nice gui setup.
 
Old 03-15-2002, 09:21 AM   #7
dewcansam
Member
 
Registered: Nov 2001
Location: Hi Hat KY USA
Distribution: RedHat, Mandrake
Posts: 63

Rep: Reputation: 15
Halted Firewalls

http://www.samag.com/documents/s=182...201d/0201d.htm
 
Old 03-15-2002, 09:20 PM   #8
bbenz3
Member
 
Registered: Feb 2002
Location: Orlando
Distribution: Whatever I feel like at the time I install.
Posts: 284

Rep: Reputation: 30
I really like the idea behind halted firewalls, but there is one huge problem. Most people tend ot have DHCP addresses from their ISP's.
I was thinking about trying to make one that I load from a bootable CD. Therefore there is no hdd to fail and I can umount the CD after it has loaded. The only thing that could possibly be a problem is if you want to log things. I though maybe I could e-mail ones I deem very iportant and just forget the rest.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to install and setup firewall on my computer? soner Linux - Security 3 09-02-2004 11:58 AM
Far Cry killed my computer. Need advice. itsjustme Linux - Hardware 29 06-18-2004 06:42 PM
Need Advice on Building New Computer Jubalint Linux - Newbie 9 03-27-2004 12:12 PM
help with client side NFS-firewall setup and server side NIS-firewall setup niverson Linux - Networking 3 02-02-2004 08:52 AM
Need Advice - Webserver and Firewall Setup nbin Linux - Networking 8 06-17-2003 07:55 AM


All times are GMT -5. The time now is 10:31 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration