canned stances for RHL (was Re: Firewall administration)

[id for mailing lists <lists () notatla demon co uk>]

On Tue, Oct 07, 1997 at 09:15:12PM -0500, Rick Smith wrote:
> [...] Actually, I mean something a bit different. We need to assume that
> users *won't* have a good understanding of what they're doing.

Bennett Todd <bet () rahul net>:
> Hmm. I really like this goal. Combine these thoughts with other threads that
> have been dangling --- including Brent Chapman's packet filtering paper which
> I hit chasing a link from the Sinus Firewall docs, and mjr's remarks in this
> forum about canned security stances --- and we have the makings of a nice tidy
> small project.

> Linux+ipfw+fwtk has all the bits you need to assemble a nice firewall. So what
> someone needs to do is roll up a handful of nice boilerplate configs ---
> ``security stances'' --- and then whip up a nice user-friendly front-end that
> offers a choice among the stances, ...........

> Base it on a minimal Red Hat install, and it'll be easy to add and remove
> chunks of software with RPM, and to support updating to track new versions.

Dave Wreski and I have been discussing writing a Firewall-2-HOWTO
after frustration at the (no criticism intended) slow development
of the Linux Firewall-HOWTO.

I think I speak for Dave when I say this is something we're willing
to tackle  - being both RH users.  Any further volunteers contact
us please.  And we'd love to run it by the FW wizards before release.


--
##############################################################
# Antonomasia   ant () notatla demon co uk                      #
# See http://www.notatla.demon.co.uk/                        #
##############################################################