Firewall Wizards mailing list archives
Building T.REX (was: RE: Linux Proxy Server ?)
From: jseymour () LinxNet com (Jim Seymour)
Date: Thu, 9 Mar 2000 18:09:34 -0500 (EST)
[Note: I changed the subject so people will have a chance of finding it in the archives.] "Matt Bruce" <matt.bruce () alphawest com au> wrote:
Message-ID: <EA0466720A21D211B6C800104B2B75E2026921D6@HERCULIS> Hi all, Well, we tried out T.Rex on a spare RedHat 6.1 box here in the office. After spending about 4 hours waiting for the damned thing to compile and later finding that various libraries were missing, we pretty much gave up on the whole idea. Note that our stumbling block was the jumping through hoops required to get it working, rather than any specific problem with the product.
[snip]
Hmmm... I built the thing with few problems on a RH 6.1 box. I found a few RPMs were needed that I hadn't installed originally. So I installed 'em :-). Btw: I don't know what Matt was compiling on, but it took a fraction of that time on the Dell PowerEdge 1300 I used. The docs need work, there's no question there. I have sent one list of errata to FAS and will soon be sending another. The one I built was put in place on Monday. It's not in full use yet, but initial indications are encouraging. In addition to the T.REX distribution, I installed: OpenSSH for admin. access (as opposed to using ptelnet) Psionic PortSentry for IDS (with custom Perl script to add entries to some of T.REX's access control files) Postfix MTA (in place of theirs) Tripwire Custom log analyzers (Perl scripts) I used nmap on a RH Linux laptop to whack at both interfaces (with IDS disabled) after configuration was complete. Got the expected results. If anybody's interested, I suppose I could clean up and make available my T.REX errata notes. (Note: much of them *may* apply only to a RH 6.1 Linux build/install.) I also slapped together an installer shell script that has a "fix the perms only" option. And a script that goes through and re-names (thus disabling) the recommended "rc.d" scripts. (And I do mean "slapped together." Tho *I* ran 'em myself and they Did The Right Thing.) Oh yeah... and a Perl script to generate replacement strings/values as recommended in the T.REX build docs. (It just generates the values-- you have to edit the necessary files manually.) I suppose if it turns out anybody's interested in any of this stuff, I'll have to come up with the requisite license/disclaimer stuff before letting them loose on the world :-). I sure wish FAS would get that T.REX mailing list going :-(. Regards, Jim -- Jim Seymour | PGP Public Key available at: jseymour () LinxNet com | http://www.cam.ac.uk.pgp.net/pgpnet/wwwkeys.html http://home.msen.com/~jimsun | http://www.trustcenter.de/cgi-bin/SearchCert.cgi
Current thread:
- Building T.REX (was: RE: Linux Proxy Server ?) Jim Seymour (Mar 12)
- Re: Building T.REX (was: RE: Linux Proxy Server ?) Randy Grimshaw (Mar 17)
- Re: Building T.REX (was: RE: Linux Proxy Server ?) Jim Seymour (Mar 21)
- Re: Building T.REX (was: RE: Linux Proxy Server ?) Randy Grimshaw (Mar 17)