iB::Topic::DSL as router

	Damn Small Linux :: Damn Small Linux Board The DSL Forums

» Welcome Guest
[ Log In :: Register ]

Damn Small Linux Board » Damn Small Linux » DSL Tips and Tricks » DSL as router

		Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
		Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic

Pages: (3) </ 1 [2] 3 >/

[ Track this topic :: Email this topic :: Print this topic ]

Topic: DSL as router, How to boot completely tight?

< Next Oldest | Next Newest >

adssse

Group: Members
Posts: 505
Joined: Mar. 2005

Posted: Oct. 11 2005,14:51

I have been using the rc.firewall.dsl, but how secure is it really? I am using it because I want a firewall and it was available as an extension. I dont really know much about how or why it works, therefore I really like the idea of a howto/walkthrough.

AwPhuch

Group: Members
Posts: 1404
Joined: April 2004

Posted: Oct. 11 2005,15:46

the rc.firewall script creates a very powerful "stateful" firewall...which means everything is allowed out from the inside, but everything from outside unless the traffic was "created" from the inside is blocked

A good place to start would be the source Linux Firewall and Linux Firewall :: Configuration

Look at the resources section..there are alot of helpful links there...

In its default for the rc.firewall is more than enuff to protect any "stand alone" machine..but tweaking it further for internet sharing and port forwarding and stuff like that will take some reading, however Im absolutely positive with a bit of knowledge and some minor tweaking you could make dsl a very powerful and secure router (1st by taking away sudo and tightening other things down)

Plus by adding other simple mydsl apps such as snort (intrusion detection), squid (browser cache), and other nice firewall tools, DSL could be ready!

Anyone want to work with me to take this a step further?!?

Brian
AwPhuch

--------------
http://www.frappr.com/dsl <-- Where do you use DSL?
http://www.smoothwall.org <-- Ultimate firewall for the world!
http://boinc.mundayweb.com/one/stats.php/userID:6107 <--My BOINC stats!
./S99LinuxRevolution start

adssse

Group: Members
Posts: 505
Joined: Mar. 2005

Posted: Oct. 11 2005,16:34

Thanks for the info. I will check out the links and the other apps you mentioned.

AwPhuch

Group: Members
Posts: 1404
Joined: April 2004

Posted: Oct. 11 2005,16:48

FYI

I helped a guy here in Houston at the HAL - PC group put rc.firewall on his webserver box (he was running an older version of Mandrake and wanted to make sure he was secure), we opened the standard web port for his webserver, ftp, SSH, and Samba share...

We even ran rkhunter to ensure he didnt have a linux trojan on there...all clean!!

rc.firewall is a very very powerful and smart script and with tweaking can be even more powerful..just be careful what you open, but on say a laptop or single desktop even the unmodified "stateful firewall" will protect you quite well!

Think of it as sygate personal firewall on steriods, but for (linux)!

Brian
AwPhuch

--------------
http://www.frappr.com/dsl <-- Where do you use DSL?
http://www.smoothwall.org <-- Ultimate firewall for the world!
http://boinc.mundayweb.com/one/stats.php/userID:6107 <--My BOINC stats!
./S99LinuxRevolution start