Firewall Wizards mailing list archives

RE: linux firewall

From: "Sloane, David" <DSloane () vfa com>
Date: Tue, 8 Jul 2003 11:17:24 -0400

Gareth,

There are many interesting linux-firewall packages out there.

IPCop is a small, free firewall/router++ distribution - I'd say it's the
most promising place to start. http://www.ipcop.org


Smoothwall is a packaged product with similar roots (IPCop is based on
Smoothwall) but is available in a packaged/supported version.  See
http://www.smoothwall.org and
http://store.smoothwall.ltd.uk/products/comparison.gpl.html

The oft-mentioned Linux Router Project is officially (and unfortunately)
dead.  http://www.linuxrouter.org/

You can install a "small" (about 400Mb if memory serves) version of any of
the major Linux distro's and roll your own environment.  If you do that, you
may want to look into the Bastille Project's security script to help harden
your machine (and explain the hardening process as it goes).

See http://www.bastille-linux.org/

Good luck,


David


-----Original Message-----
From: Paul Robertson [mailto:proberts () patriot net] 
Sent: Monday, July 07, 2003 11:16 PM
To: Gareth Slaven
Cc: 'firewall-wizards () honor icsalabs com'
Subject: Re: [fw-wiz] linux firewall


On Mon, 7 Jul 2003, Gareth Slaven wrote:

Hi there ...

I am trying to find a out of the box linux firewall with proper Admin 
tools etc ... anyone got any ideas?


Choosing the OS before figuring out what security policy to enforce, and 
what mechanisms to enforce it with is putting the cart before the penguin.

You should choose a firewall that supports your security policy and 
network architecture with some strategic vision sprinkled in.  Lots of 
commercial products are Linux-based, especially in the appliance market.

You should also look at _what_ you're protecting and try to make the 
network more hetrogeneous, so if you plan on protecting lots of Linux 
systems, you might look at a BSD-based solution.

Paul
----------------------------------------------------------------------------
-
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

linux firewall Gareth Slaven (Jul 07)
- Re: linux firewall Paul Robertson (Jul 07)
  - Re: linux firewall Blaise St-Laurent (Jul 08)
- Re: linux firewall Jeremiah Cornelius (Jul 08)
- Re: linux firewall Peter Robinson (Jul 08)
  - Re: linux firewall franco segna (Jul 11)
- <Possible follow-ups>
- RE: linux firewall Melson, Paul (Jul 08)
  - RE: linux firewall Bojan Zdrnja (Jul 11)
- RE: linux firewall Yoo, Gene (Jul 08)
- RE: linux firewall Sloane, David (Jul 08)