[CLUE-Tech] Small network security distro recommendations?
Nate Duehr
nate at natetech.com
Thu Jan 29 17:20:01 MST 2004
Grep Ergo Sum - I grep therefore I am wrote:
> I strongly recommend Smoothwall (www.smoothwall.og). It's
> Debian based, browser-based, and works pretty well. I'm running
> one on a Pentium 1 (as in, Pentium before they started
> numbering them :-) ). It uses snort, and runs on a teeny
> disk. You boot it up, it takes over the disk and machine and
> just installs itself.
I would say I agree with this if all you're going for is a simple home
configuration -- my "smoothie" does a fine job for generic firewall
duties. However, it does have the limitation in the free version that
it won't help you set up multiple external IP addresses (think three
interface firewall with DMZ and multiple machines in the DMZ on their
own public addresses and then a single public address handling the third
internal NAT interface).
There are plenty of security distros out there and firewall scripts
and/or distros with little scripts that will do a "good" job... but
nothing beats reading through the scripts yourself and understanding
exactly what they're doing. All of the GUI-based widgets out there are
still all pretty much running iptables under the hood. If you download
'em you can study them (and iptables) and have a skill that works on
virtually every Linux box out there...
So -- both the "appliances" and a roll-your-own iptables thing are both
viable... just depends on how much time you have available now and in
the future to deal with it. ;-)
Nate Duehr, nate at natetech.com
More information about the clue-tech
mailing list