Firewall

Paul_Melson@keykertusa.com Paul_Melson@keykertusa.com
Thu, 8 Nov 2001 09:22:05 -0500

Previous message: Firewall
Next message: speeking of snort
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>I am setting up a linux firewall and am currently running Red Hat 7.1.  Is
>it a bad idea to just use the default things that come along with the OS
>configuration or might any of you have any suggestions on a good package
to
>download.  Just curious on a place to start.


It would be a good idea to download everything from
ftp://updates.redhat.com/7.1/en/os/i386 (and i586,i686  as applicable)  and
run `rpm -Fvh *.rpm`.  There are kernel and OpenSSL/OpenSSH updates that
you will need to maintain the security if your firewall.  Also, I don't
know if it's part of RedHat 7, but the Bastille hardening tools for Linux
are a good place to start with OS and network security for Linux
(http://www.bastille-linux.org).  For intrusion detection, you can't do
much better than Snort. (http://www.snort.org)  Another good set of tools
are the Psionic Abacus project. (http://www.psionic.com/abacus)

If you're building a dedicated firewall, though, and don't plan to use it
for much else, let me recommend Mandrake-SNF.
(http://www.mandrakesoft.com/products/snf)  The only drawback to SNF is
that it only supports Linux 2.2.x kernels and ipchains, so if you want
2.4.x and iptables, you'll have to build your own or go with a newer
firewall release, like Astaro. (http://www.astaro.com)  Otherwise, it
already comes with Bastille, Squid, msec (Mandrake's own hardening/auditing
tool), Snort, SSH2, and an SSL-enabled web management tool.  The end result
would be very similar to what you'd build with RedHat 7.1, but most of the
work is already done for you.

PaulM

Previous message: Firewall
Next message: speeking of snort
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]