Mailinglist Archive: opensuse-security (359 mails)
| < Previous | Next > |
Re: [suse-security] Network structure and security
- From: Sigfred Håversen <suselist@xxxxxxxxx>
- Date: Fri, 11 Jul 2003 18:49:02 +0200
- Message-id: <200307111849.02428.suselist@xxxxxxxxx>
On Friday 11 July 2003 18:03, Philippe Vogel wrote:
> I forgot to post some stuff in the last mail:
>
> The firewall depends on the securitiy the machine has from internal.
>
> So you have to build a secure distribution, like debian or gentoo
> linux or manipulate SuSE linux that it is secure (minial installation
> +secumod +compardment +security level setup +services you need).
>
> If time is money here are some firewall solutions that you can
> install in ~1/2 hour:
>
> SuSEfirewall on CD
>
> http://www.suse.de/de/business/products/suse_business/firewall/index.
>html
>
> transtec firewall hardware
>
> http://www.suse.de/de/business/products/suse_business/firewall_hardwa
>re/index.html
>
> Astaro Security linux / Mailserver, firewall, proxy, virus protected
> content, each module costs a bit :-(
>
> www.astaro.com
>
> The last one I tested and I was impressed of the features
> (intrusiondetection, live logview, portscan checks, proxy,
> webconfiguration, rulesets ...).
> The config can be copied to a disk.
> If your server gets intruded you format the disk, reinstall it and
> copy your configuration back.
> The webinterface is very intuitive and userfriendly, but you must
> have knownledge of iptables and rulesets.
>
> Philippe
To add to the above list :
From Mandrake you may download (an ISO about 256MB) MandrakeSecurity
Multi Network Firewall. It has a web interface for
configuration/maintenance, in addition to use SSH.
http://www.mandrakelinux.com/en/ftp.php3#security for downloading
http://www.mandrakesoft.com/products/mnf for more info about it
OpenBSD is also a very good choice for a firewall/router/server. It has
a very easy install, and easier to install/configure than a minimal
SuSE install (if you want it minimal), at least for me. This is what I
use at home as server, even though I use SuSE on my desktop. You'll use
console or SSH to administrate it. The packet filter pf is integrated
with a load balancer, which may be quite handy.
http://www.openbsd.org
http://www.openbsd.org/faq/pf/index.html
Sigfred
> I forgot to post some stuff in the last mail:
>
> The firewall depends on the securitiy the machine has from internal.
>
> So you have to build a secure distribution, like debian or gentoo
> linux or manipulate SuSE linux that it is secure (minial installation
> +secumod +compardment +security level setup +services you need).
>
> If time is money here are some firewall solutions that you can
> install in ~1/2 hour:
>
> SuSEfirewall on CD
>
> http://www.suse.de/de/business/products/suse_business/firewall/index.
>html
>
> transtec firewall hardware
>
> http://www.suse.de/de/business/products/suse_business/firewall_hardwa
>re/index.html
>
> Astaro Security linux / Mailserver, firewall, proxy, virus protected
> content, each module costs a bit :-(
>
> www.astaro.com
>
> The last one I tested and I was impressed of the features
> (intrusiondetection, live logview, portscan checks, proxy,
> webconfiguration, rulesets ...).
> The config can be copied to a disk.
> If your server gets intruded you format the disk, reinstall it and
> copy your configuration back.
> The webinterface is very intuitive and userfriendly, but you must
> have knownledge of iptables and rulesets.
>
> Philippe
To add to the above list :
From Mandrake you may download (an ISO about 256MB) MandrakeSecurity
Multi Network Firewall. It has a web interface for
configuration/maintenance, in addition to use SSH.
http://www.mandrakelinux.com/en/ftp.php3#security for downloading
http://www.mandrakesoft.com/products/mnf for more info about it
OpenBSD is also a very good choice for a firewall/router/server. It has
a very easy install, and easier to install/configure than a minimal
SuSE install (if you want it minimal), at least for me. This is what I
use at home as server, even though I use SuSE on my desktop. You'll use
console or SSH to administrate it. The packet filter pf is integrated
with a load balancer, which may be quite handy.
http://www.openbsd.org
http://www.openbsd.org/faq/pf/index.html
Sigfred
| < Previous | Next > |