Firewall Wizards mailing list archives
RE: why isn't there a newer linux fw-howto
From: "Paul D. Robertson" <proberts () clark net>
Date: Wed, 30 Sep 1998 10:15:02 -0400 (EDT)
On Tue, 29 Sep 1998, Andy Burns wrote:
I have a similar setup at home, except i'm using the MS version of "Hack-Me" (Proxy 2.0). I'd love to learn linux and switch, but it scares me to death... (the unknown). My unix level skills are greatly lacking. I can and have install a few different Unix based OS's, to include adding users, change rights and the like, but that is where my ability stops...
If you're willing to do a lot of reading, it's not difficult to get any *nix system reasonably secure. There are several "how to secure Unix" Web sites out there, none of them difficult to find, and a lot of them quite useful. For Linux, you'll probably also find the Network Admin Guide very useful for understanding how to configure basic networking services, it's available on any Linux Documentation Project site, and on disk with RedHat and probably other distributions.
Is this "RedHat" version easy enough for a beginner such as myself to do what appears to be an advanced configuration issue? (i.e., firewall/proxy)
Which distribution you use is pretty much immaterial (though I'd stick to RedHat, Debian, Caldera or SuSe), the packet filtering firewall code is in the kernel and works the same way on all of them. Adding proxies generally consists of grabbing the code from somewhere (Apache, TIS, wherever), uncompressing it, untarring it reading a file called "INSTALL" then typing "make;make install" or "./configure;make;make install" (though there may be some editing involved). Setting up the firewall code, at least for the ipfw stuff is fairly well laid out at http://www.xos.nl/linux/ipfwadm/ if you follow all the links. It's been pointed out that ipchains have replaced ipfw in the development kernels, follow those pointers for more info on that. Masquerading takes about 3 lines in a file to set up, granular packet filtering is a little more involved.
I supposed there must be a Linux for dummies out there.... I did install Linux once from the SAM's book, and I still have it, but I hear it's much better (and easier) since then (Late 1995).
RH 5.1 is an easy install other than figuring out which packages to select. The Linux Security Audit team seems to be in full-swing, so you'll see *lots* of updated packages on RedHat's errata pages, it's best to grab the fixed ones for services you may use on the box.
At any rate, any information/pointers in the right direction would be greatly appreciated... except the ones from those who see themselves far above my mental capacity and want me to take my non-Unix brain and leave the bless-ed list... I think we've seen plenty of that here lately... :)
At this point, you're probably better off going to Linux newsgroups for further assistance, since that's why they were created. I'm not even sure this is in-charter for firewall-wizards. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () clark net which may have no basis whatsoever in fact." PSB#9280
Current thread:
- RE: why isn't there a newer linux fw-howto Paul D. Robertson (Oct 01)
- <Possible follow-ups>
- RE: why isn't there a newer linux fw-howto Kevin T. Shivers (Oct 01)
- Re: why isn't there a newer linux fw-howto Darren Reed (Oct 02)
- Re: why isn't there a newer linux fw-howto Kevin T. Shivers (Oct 02)
- Re: why isn't there a newer linux fw-howto Matt Curtin (Oct 05)
- Re: why isn't there a newer linux fw-howto Adam Shostack (Oct 05)
- Re: why isn't there a newer linux fw-howto Perry E. Metzger (Oct 05)
- Re: why isn't there a newer linux fw-howto Jan B. Koum (Oct 06)
- Re: why isn't there a newer linux fw-howto Adam Shostack (Oct 06)
- Re: why isn't there a newer linux fw-howto Kevin T. Shivers (Oct 06)
- Re: why isn't there a newer linux fw-howto Darren Reed (Oct 02)
- Re: why isn't there a newer linux fw-howto Perry E. Metzger (Oct 05)