Re: [TCLUG:3292] Security Pointers & DSL questions...

To: tclug-list@listserv.real-time.com
Subject: Re: [TCLUG:3292] Security Pointers & DSL questions...
From: Ben Kochie <ben@nerp.net>
Date: Mon, 11 Jan 1999 14:55:35 -0600 (CST)
In-Reply-To: <369A602C.20F7887E@pclink.com>
Sender: ben@microq.nerp.net

Linux 2.1.116 (i belive) and higher (2.2) have a totaly re-done firewall system
that is supposed to function much better then standard ipfwadm (faster, more
secure)  it's called ipchains, and you can read all about it in the 2.2 source
tree (i'm currently running 2.2pre6, no problems at all)  everyone on the the
list should download 2.2pre6 and get it tested on their system, 2.2 bugs must
be detected before it hits the rest of the world.

remember.. /usr/src/linux/Documentation is your friend


On 11-Jan-99 Gordon Pedersen wrote:
> Two of the best sources I've found for building a firewall are:
> 
> 1)    Paul Sery has a 1997 or 1998 book out with a title something like
> Linux Networking.  It has novice and 'expert' sections on protecting
> your network.  It's fairly lucid and comes with CD.
> 
> 2)    The creators of ipfwadm offer a white paper on concepts behind the
> use of ipfwadm:
> http://www.xos.nl/linux/ipfwadm/paper/
> 
> I had some trouble the only time I tried to replicate the  example
> firewall in the white paper, but it is a good blueprint for tinkering if
> nothing else.
> 
> I seem to recall that with Linux 2.2 kernel the firewall/masq code has
> been massively reorganized and this may lead to deprecation (or
> nonfunctioning?) of ipfwadm, but I may be wrong.  In any case, the
> concepts are the main thing and most of the above ought to carry over.
> 
> gordon
> 
> Scott K. Johnson wrote:
>> 
>> Hello All,
>> 
>> Anyone have any pointers to docs and/or books on securing a Linux system?
>> 
>>
> -- 
> Gordon Pedersen         
> info systems design     Saint Paul, Minnesota
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@listserv.real-time.com
> For additional commands, e-mail: tclug-list-help@listserv.real-time.com
> Try our website: http://tclug.real-time.com

Thank You,
        Ben Kochie (ben@nerp.net)

*-----------------------*  [ - * - * - * - * - * - * - * - ]
| Unix/Linux Consulting |  [ Haiku Error Message:          ]
|  PC/Mac Repair        |  [  Chaos reigns within.         ]
|   Networking          |  [  Reflect, repent, and reboot. ]
| http://nerp.net       |  [  Order shall return.          ]
*-----------------------*  [ - * - * - * - * - * - * - * - ]

 "Unix is user friendly, Its just picky about its friends."

References:
- Re: [TCLUG:3292] Security Pointers & DSL questions...
  - From: Gordon Pedersen <gordo@pclink.com>

Prev by Date: Re: [TCLUG:3292] Security Pointers & DSL questions...
Next by Date: RE: [TCLUG:3292] Security Pointers & DSL questions...
Prev by thread: Re: [TCLUG:3292] Security Pointers & DSL questions...
Next by thread: stackable hubs
Index(es):
- Date
- Thread