Hi everyone,
I feel a little bit confused on which direction I should be going, hence I need some advice, pointers and clarification on establishing a firewall. I am setting up a LAN of 10 PC's. The LAN will have access to the internet via cable modem. This is what I thought of doing.
A) Setting up a 486/Pentium MMX as the firewall / router.
B) Use either of the following
1) Phoenix adaptive firewall ( I could only found it for SuSE 6.3 which probably will not work with SuSE 7.0) 2) Sinus firewall 3) T.REx Open Source proxy firewall
Why not use Linux's built in firewalling? ipchains, and NAT, IPMAS.
1) What could be my concerns regarding security, if I am running a stock SuSE pre compiled Kernel. What specific things I should be looking to enable / disable ? As far as I understand, if using a pre compiled stock SuSE kernel ,my option of using SINUS firewall is out of the choices. Hence I thought of using T.Rex if using stock kernel.
Consider openwall patces for the kernel. http://www.securityportal.com/lskb/10000000/kben10000021.html
2) I thought of recompiling the kernel with the SuSE default config options, so I can get Sinus back into choices for proxy firewalls ( yet by doing this most probably Suse Installation support will not be very helping since I am not using the SUSE pre compiled kernel. Result questionable SuSE support availability)
3) Recompiling the after patching it with openwall security patch ( The question is SuSE kernel is pre 2.2.17 so which patch I use; 2.2.16 or 2.2.17) and then make the choice for the proxy firewall.
2.2.17 Realistically you won't need it, just run NO services on the firewall except for ssh and remove everything you don't absolutely need.
Could some one please kindly help me with a road to choose and if possible pros and cons of the my choices and/or proxy firewalls I have found (any other suggestion is more than welcomed)
phoenix has a nice VPN component for windows clients, not checp but it works well.
Thanks in advance -- Togan Muftuoglu
-Kurt