From: User Lists clopmz@yahoo.com
Thak you for your responses. I will use CentOS-3 as a firewall..
Nothing against CentOS as a firewall, but you might consider a distro that is more focused as a plop'n drop "security applicance" distro: http://www.ipcop.org
4-zone segmentation (WAN, DMZ, LAN, WLAN) Integrated real-time and statistical logging, Snort IDS, etc... PPPoA/PPPoE, VPN, IPSec, DHCP DDNS, Internal DNS, Squid Proxy server
Unless you want to learn how all the components work. And even then, I'd edge you towards something like Gentoo.
-- Bryan J. Smith mailto:b.j.smith@ieee.org
Bryan J. Smith b.j.smith@ieee.org wrote:
From: User Lists clopmz@yahoo.com
Thak you for your responses. I will use CentOS-3 as a firewall..
Nothing against CentOS as a firewall, but you might consider a distro that is more focused as a plop'n drop "security applicance" distro: http://www.ipcop.org
4-zone segmentation (WAN, DMZ, LAN, WLAN) Integrated real-time and statistical logging, Snort IDS, etc... PPPoA/PPPoE, VPN, IPSec, DHCP DDNS, Internal DNS, Squid Proxy server
Unless you want to learn how all the components work. And even then, I'd edge you towards something like Gentoo.
There are also some very good products on the BSD side.
m0n0wall: http://m0n0.ch/wall/ (I personnaly use it. Very good product) PFSense: http://www.pfsense.com/ (alpha software, but has more components than m0n0)
hth
UGo
On Wed, 2005-07-20 at 09:29 -0400, Ugo Bellavance wrote:
There are also some very good products on the BSD side. m0n0wall: http://m0n0.ch/wall/ (I personnaly use it. Very good product) PFSense: http://www.pfsense.com/ (alpha software, but has more components than m0n0)
I wouldn't assume otherwise. ;->
FYI, IPCop as of 1.4 is LFS (Linux From Scratch).
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, Jul 19, 2005 at 06:27:37PM -0400, Bryan J. Smith b.j.smith@ieee.org wrote:
From: User Lists clopmz@yahoo.com
Thak you for your responses. I will use CentOS-3 as a firewall..
Nothing against CentOS as a firewall, but you might consider a distro that is more focused as a plop'n drop "security applicance" distro: http://www.ipcop.org
4-zone segmentation (WAN, DMZ, LAN, WLAN) Integrated real-time and statistical logging, Snort IDS, etc... PPPoA/PPPoE, VPN, IPSec, DHCP DDNS, Internal DNS, Squid Proxy server
Unless you want to learn how all the components work. And even then, I'd edge you towards something like Gentoo.
I have been using linux-based firewall for some time now. Tried IpCop twice, since it would help simply the whole process. Gave up. It simply doesn't provide with enough flexibility or customization, without going into more trouble than I would have using a "generic" distro (RedHat, Conectiva, CentOS etc).
Of course, I do need a high degree of customization, so your mileage will vary.
Installed a CentOS firewall today, btw. Worked like a charm.
[]s
- -- Rodrigo Barbosa rodrigob@suespammers.org "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
On Wed, 2005-07-20 at 20:55 -0300, Rodrigo Barbosa wrote:
I have been using linux-based firewall for some time now. Tried IpCop twice, since it would help simply the whole process. Gave up. It simply doesn't provide with enough flexibility or customization, without going into more trouble than I would have using a "generic" distro (RedHat, Conectiva, CentOS etc). Of course, I do need a high degree of customization, so your mileage will vary. Installed a CentOS firewall today, btw. Worked like a charm.
And that's fine, not trying to tell you what to do. Just wanted to make you aware of IPCop if you weren't already.
BTW, when I need more flexibility in services (e.g., Proxy, VPN, etc...), I _do_ setup a FC/RHEL/CentOS server in the DMZ zone of an IPCop box.
-
Bryan J. Smith -
Bryan J. Smith <b.j.smith@ieee.org> -
Rodrigo Barbosa -
Ugo Bellavance