Search Members Help

» Welcome Guest
[ Log In :: Register ]

Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic
Pages: (3) </ 1 [2] 3 >/

[ Track this topic :: Email this topic :: Print this topic ]

reply to topic new topic new poll
Topic: DSL as router, How to boot completely tight?< Next Oldest | Next Newest >
adssse Offline





Group: Members
Posts: 505
Joined: Mar. 2005
Posted: Oct. 11 2005,14:51 QUOTE

I have been using the rc.firewall.dsl, but how secure is it really? I am using it because I want a firewall and it was available as an extension. I dont really know much about how or why it works, therefore I really like the idea of a howto/walkthrough.
Back to top
Profile PM 
AwPhuch Offline





Group: Members
Posts: 1404
Joined: April 2004
Posted: Oct. 11 2005,15:46 QUOTE

the rc.firewall script creates a very powerful "stateful" firewall...which means everything is allowed out from the inside, but everything from outside unless the traffic was "created" from the inside is blocked

A good place to start would be the source Linux Firewall and Linux Firewall :: Configuration

Look at the resources section..there are alot of helpful links there...

In its default for the rc.firewall is more than enuff to protect any "stand alone" machine..but tweaking it further for internet sharing and port forwarding and stuff like that will take some reading, however Im absolutely positive with a bit of knowledge and some minor tweaking you could make dsl a very powerful and secure router (1st by taking away sudo and tightening other things down)

Plus by adding other simple mydsl apps such as snort (intrusion detection), squid (browser cache), and other nice firewall tools, DSL could be ready!

Anyone want to work with me to take this a step further?!?

Brian
AwPhuch


--------------
http://www.frappr.com/dsl <-- Where do you use DSL?
http://www.smoothwall.org <-- Ultimate firewall for the world!
http://boinc.mundayweb.com/one/stats.php/userID:6107 <--My BOINC stats!
./S99LinuxRevolution start
Back to top
Profile PM WEB 
adssse Offline





Group: Members
Posts: 505
Joined: Mar. 2005
Posted: Oct. 11 2005,16:34 QUOTE

Thanks for the info. I will check out the links and the other apps you mentioned.
Back to top
Profile PM 
AwPhuch Offline





Group: Members
Posts: 1404
Joined: April 2004
Posted: Oct. 11 2005,16:48 QUOTE

FYI

I helped a guy here in Houston at the HAL - PC group put rc.firewall on his webserver box (he was running an older version of Mandrake and wanted to make sure he was secure), we opened the standard web port for his webserver, ftp, SSH, and Samba share...

We even ran rkhunter to ensure he didnt have a linux trojan on there...all clean!!

rc.firewall is a very very powerful and smart script and with tweaking can be even more powerful..just be careful what you open, but on say a laptop or single desktop even the unmodified "stateful firewall" will protect you quite well!

Think of it as sygate personal firewall on steriods, but for (linux)!

Brian
AwPhuch


--------------
http://www.frappr.com/dsl <-- Where do you use DSL?
http://www.smoothwall.org <-- Ultimate firewall for the world!
http://boinc.mundayweb.com/one/stats.php/userID:6107 <--My BOINC stats!
./S99LinuxRevolution start
Back to top
Profile PM WEB 
adssse Offline





Group: Members
Posts: 505
Joined: Mar. 2005
Posted: Oct. 11 2005,22:16 QUOTE

Very cool, that makes me feel a bit more confident until I can learn more about it.
Back to top
Profile PM 
11 replies since Oct. 10 2005,20:03 < Next Oldest | Next Newest >

[ Track this topic :: Email this topic :: Print this topic ]

Pages: (3) </ 1 [2] 3 >/
reply to topic new topic new poll
Quick Reply: DSL as router

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code