Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
1) If I was to set up an old PC as a firewall box running something like Mandrake 9.2, what do I need?
I assume 2 NIC cards? 1 connected to the ADSL modem, the other connected to a hub/switch which I connect home PCs to?
2) Also, say I _was_ to use a Linux firewall instead of the built-in port forwarding in my ADSL/router, how much safer is it... assuming I keep all patches up-to-date.
In short, basically how hard is it for someone to hack a patched-up Linux firewall with all ports closed except ports 80 and 23? (I'll be using it for basic home web hosting and email)
Cheers for any help
Last edited by InTheWired; 04-06-2004 at 04:14 AM.
Yep, I'll remember to only open ports as they are specifically needed... I'm fairly disciplined in that regard, as I use port forwarding on my ADSL router at home with Windows and know I have to open ports when a program is requesting them.
nex, hmm, what's the 3rd card used for in regards to DMZ? Could you just use two cards? One which has a DMZ from the modem and the other connected to a switch?
I'll have to read up more on DMZ; as far as I've gathered so far...
You have web/mail/ftp - basically anything public - inside the DMZ attached to eth2. For example, you set up routes so that any traffic going to http is directed to webserver x within the DMZ; you can either use public IPs for those servers or internal.
You have all external web traffic coming into eth0 checked, then routed internally if need be.
eth1 is internal.
Am I understanding that correctly? Sorry, it's just really reiterating what you said anyways, but I just needed to get it clear in my head.
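
The three-interface layout summarised in the post above (eth0 external, eth1 internal, eth2 DMZ), written out as an iptables-restore ruleset. This is an added example, not part of the original thread. The LAN range 192.168.1.0/24, the DMZ server address 192.168.2.10, the choice of ports 80 and 25, and SSH administration from the LAN are all assumptions made for illustration.

```iptables
# Assumed layout: eth0 = ADSL/Internet, eth1 = LAN 192.168.1.0/24,
# eth2 = DMZ 192.168.2.0/24 with one public server at 192.168.2.10.
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Public web and mail connections arriving on eth0 are redirected to the DMZ server.
-A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.2.10:80
-A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-destination 192.168.2.10:25
# Everything leaving through eth0 uses the firewall's public address.
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT

*filter
# Default deny: anything not explicitly allowed below is dropped.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]

# The firewall itself: loopback, replies to its own traffic, SSH from the LAN only.
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i eth1 -s 192.168.1.0/24 -p tcp --dport 22 -m state --state NEW -j ACCEPT

# Replies to connections that were already permitted.
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# Internet -> DMZ: only the published services on the DMZ server.
-A FORWARD -i eth0 -o eth2 -d 192.168.2.10 -p tcp --dport 80 -m state --state NEW -j ACCEPT
-A FORWARD -i eth0 -o eth2 -d 192.168.2.10 -p tcp --dport 25 -m state --state NEW -j ACCEPT

# LAN -> Internet and LAN -> DMZ: internal machines may open connections outward.
-A FORWARD -i eth1 -o eth0 -s 192.168.1.0/24 -m state --state NEW -j ACCEPT
-A FORWARD -i eth1 -o eth2 -s 192.168.1.0/24 -m state --state NEW -j ACCEPT

# DMZ -> Internet: only what a mail server needs (outbound SMTP and DNS lookups).
-A FORWARD -i eth2 -o eth0 -p tcp --dport 25 -m state --state NEW -j ACCEPT
-A FORWARD -i eth2 -o eth0 -p udp --dport 53 -m state --state NEW -j ACCEPT

# DMZ -> LAN and Internet -> LAN have no NEW rule, so the FORWARD policy drops them.
# This is what the third card buys: a compromised public server cannot open
# connections to the internal machines.
COMMIT
```

Load the file with `iptables-restore` and enable forwarding (`net.ipv4.ip_forward=1`) for the rules to take effect.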