On Thu, Aug 01, 2002 at 11:37:43AM -0500, Lance Linder wrote: > First off I am new to the list and relatively new to Linux so I am > sorry if my questions don't make sense. But what better way to learn > than ask a bunch of stupid questions ;) hey there. pleased to meetcha. don't worry, we all started out as newbies once; and every time we broach a new area of learning, we are ones again. :) > Second question would be if this is possible then were might I look > for more information on this subject? www.linuxdoc.org > Can someone recommend a good > book to read? don't bother with dead trees. Open Source software evolves and changes 10x faster than most closed-source stuff; so anything printed will be obsolete by the time that it gets to you. here's the best resources I can think of (in no particular order) - man pages -- this is the first place I look for information about a package, if I have it installed already. 'man -k' will search for topics, and if you're on a Redhat system, 'man -K' will search for any man page matching a keyword. - google searches -- put in the exact error message you're seeing, and it's possible someone else will have seen it already. - linuxdoc.org -- quality of information there is pretty spotty, but there are some real gems. - mailing lists -- like this one. just remember to pick out the pearls from among the swine, and take everyone's advice with a grain of salt. - package documentation -- read the README file! - freshmeat.net -- help you find packages to solve problems you'd never dreamed of. also has a really impressive theme repository now. > And third question, what is the best firewall for Linux? 10 people will give you 10 answers to this, so I'll throw out a few random thoughts and comments here. - the linux 2.4 kernel has a tool called 'iptables' which allows you to control packets of traffic in many and elaborate ways. this is the underlying foundation of firewalling in linux. writing rules 'by hand' for this firewalling engine is a mind-bending exercise at first; and can be really intimidating. (but once you learn how to do it this way, you won't want it any other way, since nothing else gives you such immediate and fine-grained control). - there are some GUI tools to create firewall rules. all the ones I've tried sucked pretty badly; but I suspect I may have just been trying bad ones. other people have used such things with reported success; so if they chirp up, give their preferred packages a try. :) - linux is not necessarily the answer to every problem. there are times and places when OpenBSD, FreeBSD, Netscreen, Linksys, and Solaris firewalls make sense and may be the best solution. that said, I find linux to be the most _versatile_ firewalling solution out there (not always the best, but able to do just about everything the others can do). > I have SuSE > installed now and it installed a firewall but I think it is more > geared towards a Desktop installation instead of a server > installation. the esoteric comment: desktop, firewall, server, redhat, slackware, debian... it all gets to be about the same thing when you look at the core. you can change a linux system from any type, to any other type, given enough time and effort, and quite often preserve most of your data in the process. yes, this means you can take a linux system running on a wristwatch, and convert that system [accounts, per-user settings, user data] to run on a 128-processor SGI. it somtimes ends up being a case of George Washington's Hatchet, tho... "This is George Washington's Hatchet -- the handle has been replaced 3 times and the head has been replaced twice". the simple comment: try some firewall-oriented linux distributions. coyote linux, linux router project (tho I think I heard that's dead by now)... there's others. many will run off a floppy disk, which makes them easy to experiment with. get some old computers at government auction, or from friends, and try out a number of different distributions on them. Carl Soderstrom. -- Systems Administrator Real-Time Enterprises www.real-time.com