Linux - DistributionsThis forum is for Distribution specific questions.
Red Hat, Slackware, Debian, Novell, LFS, Mandriva, Ubuntu, Fedora - the list goes on and on...
Note: An (*) indicates there is no official participation from that distribution here at LQ.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I just built a new box so now I can freely toss linux as my full time OS on my old computer. Its just a p4 1.7 512mb ram with a mx440.
When I'm at my apartment I would like to use it as a firewall so I don't have to have to have zone alarm (I hate that thing) running on my main box.
Is there a particluar distro that is really good for security and fairly easy to hook up on a network with a windows box? I've used slack, LFS, deb, gentoo and all the rest but I've never really had to do any networking on them and don't know how great it would be.
And what firewalls would you guys recommend that are 'easy' to set up and run?
oh well, it really doesn't matter, basically i was just saying that the advantage of dedicated firewall distros like smoothwall and ipcop is that they don't have compiling tools, etc. which is obviously much safer than running a full-blown distro as a firewall, because if any hackers do manage to break in, they can't use your box as easily for all kinds of nasty stuff.
so on the one hand, your box is way overkill for a dedicated firewall distro, but on the other, it's arguably a better setup to have the firewall be dedicated. so you kind of have to decide which will be the most secure and still fulfill your needs.
also, i guess i'll just point out the reminder that you'll need 2 nics on the fw, in case that didn't enter into your planning yet.
gl
Last edited by synaptical; 08-09-2005 at 08:41 PM.
Note: If any decently prepared cracker gets in to your system, he will have prepared binaries of his own. At a minimum, he could download a gcc binary. I'm not saying there's no virtue in not having that software, I'm just trying to make sure everyone realizes its not an absolute.
Originally posted by Matir Note: If any decently prepared cracker gets in to your system, he will have prepared binaries of his own. At a minimum, he could download a gcc binary. I'm not saying there's no virtue in not having that software, I'm just trying to make sure everyone realizes its not an absolute.
absolutely (), i agree 100%. it's merely one more level of deterrence (for the casual hacker, at least).
otoh, for ease of installation and use, you really can't beat the dedicated fw distros. they install in about 5 minutes, are easy to set up and configure, and have a lot of the useful tools you'd want to have on a fw built in and ready to access with an easy web interface (port forwarding, sshd, web proxy, dns, network and system charts and graphs, etc.). not that gentoo or other distros *wouldn't* have those tools, but it would take a lot more work to set things up so they were as easy to access as they are on swall/ipcop. then again, on the dedicated fws you have to get 3rd party modules for some other useful things, like rookit checkers, etc. so again, it's a bit of a tradeoff.
Yeah. I generally (though it may not be ideal) use my firewall for other purposes as well, but I feel I know enough about the risks and the technology to do this reasonably well. Crackers will probably not bother unless they really think your system has something for them. There are much easier targets out there for them. (I.e., unpatched Windows boxes)
If you are looking for a firewall that will run on its own, then I would strongly recommend SmoothWall. I installed the version 2.0 in about 15 min. and works like a clock.
If you are looking for a firewall to run in your personal computer I would recommend FireStarter. Its reliable, stable, and easy to install and maintain.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.