Pantek Library

Linux firewall/IDS/NAT suggestions

From: Petty, Robert <rpetty(at)DenverNewspaperAgency.com>
Date: Fri May 30 2003 - 11:54:37 EDT


I am a seasoned admin, working with Solaris, AIX and the fluffy penguin now for 8 years or so....

I have learned quite a lot about the trade, including to be very cautious about proclaiming a system to be secure if I don't absolutely positively kinda believe it is....

Thus my question:

I want to set up a Linux firewall for a small network of 15 machines connected live to the internet via broadband. I don't want to put something in place that has a glaring hole I don't know about that makes the installation more insecure with a false sense of security.

Which kernel would be best? 2.0.x, 2.2.x, or 2.4.x?

Should Snort be running on the firewall machine or another machine? If on another machine, should I put the firewall and IDS box on a hub as the first hop so they both see the same traffic? The customer's router is not manageable (Linksys) and they have no budget for a Cisco Router or PIX.

The Linux box will serve as a secondary NAT layer, any pitfalls with this?

Should SSH go to the firewall machine or be passed through to an internal Linux box?

Should the NAT and Firewall rules be written and maintained on CD-R media so a malicious attacker cannot hide rule changes? Should the firewall be re-initialized on a schedule to ensure the live rules are those from the read-only media?

Last, but not least, what's a good HowTo that can be used as a basis? I would prefer one that starts off a little more strict so I can simplify rather than have to bone up on all of the current vulnerabilities.

Thanks for any replies!

Robert

Received on Fri May 30 18:57:16 2003
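
The check behind the question about rules kept on read-only media, as an added example that is not part of the original post: it compares a live rule dump with a baseline while ignoring counters and timestamps. It assumes iptables on a 2.4 kernel and dumps in `iptables-save` format; the function names and sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumes iptables on a 2.4 kernel and iptables-save format.

# Drop what changes without a rule change: timestamp comments and counters.
normalize_rules() {
    sed -e '/^#/d' -e '/^$/d' \
        -e 's/^\(:[^ ]* [^ ]*\) \[[0-9]*:[0-9]*\]$/\1 [0:0]/' \
        -e 's/^\[[0-9]*:[0-9]*\] //'
}

# rules_drift BASELINE LIVE: 0 = same rules, 1 = drift (unified diff printed).
rules_drift() {
    b=$(mktemp) || return 2
    l=$(mktemp) || { rm -f "$b"; return 2; }
    normalize_rules < "$1" > "$b"
    normalize_rules < "$2" > "$l"
    rc=0
    diff -u "$b" "$l" || rc=$?
    rm -f "$b" "$l"
    return "$rc"
}

# Constructed sample data: a baseline, a live dump that differs only in
# counters and timestamps, and a live dump with one rule added.
write_samples() {
    cat > "$1/baseline.rules" <<'EOF'
# Generated by iptables-save on Fri May 30 11:00:00 2003
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Fri May 30 11:00:00 2003
EOF
    sed -e 's/11:00:00/23:15:42/' -e 's/DROP \[0:0\]/DROP [812:40960]/' \
        "$1/baseline.rules" > "$1/live_same.rules"
    sed -e 's/^COMMIT$/-A INPUT -p tcp --dport 8080 -j ACCEPT\
COMMIT/' "$1/live_same.rules" > "$1/live_changed.rules"
}
```

On a real firewall the LIVE argument would be a file written by `iptables-save` and BASELINE the copy on the read-only medium; a non-zero result is the signal to log the diff and reload the baseline with `iptables-restore`.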

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:20 EDT
