[CLUE-Tech] Small network security distro recommendations?

[Nate Duehr]

Grep Ergo Sum - I grep therefore I am wrote:

>    I strongly recommend Smoothwall (www.smoothwall.og).  It's                  
> Debian based, browser-based, and works pretty well.  I'm running               
> one on a Pentium 1 (as in, Pentium before they started                         
> numbering them :-) ).  It uses snort, and runs on a teeny                      
> disk.  You boot it up, it takes over the disk and machine and                  
> just installs itself.                                                          

I would say I agree with this if all you're going for is a simple home 
configuration -- my "smoothie" does a fine job for generic firewall 
duties.  However, it does have the limitation in the free version that 
it won't help you set up multiple external IP addresses (think three 
interface firewall with DMZ and multiple machines in the DMZ on their 
own public addresses and then a single public address handling the third 
internal NAT interface).

There are plenty of security distros out there and firewall scripts 
and/or distros with little scripts that will do a "good" job... but 
nothing beats reading through the scripts yourself and understanding 
exactly what they're doing.  All of the GUI-based widgets out there are 
still all pretty much running iptables under the hood.  If you download 
'em you can study them (and iptables) and have a skill that works on 
virtually every Linux box out there...

So -- both the "appliances" and a roll-your-own iptables thing are both 
viable... just depends on how much time you have available now and in 
the future to deal with it.  ;-)

Nate Duehr, nate at natetech.com