Thanks for your reply. That's what I was thinking... Do you have any proposal for books ? Should I first start reading the how to ? Few days ago, I read a mail concerning someone who make a firewall with a system with only a floppy disk (no hard disk). Is it a good way to set a firewall ? What's about the system ? 486, Pentium, ... and memory ? Thanks Pasca MiQUET ----- Original Message ----- From: Alexander Bien To: Pascal MiQUET Sent: Friday, February 02, 2001 5:24 PM Subject: RE: [suse-security] All in one box ! Is it a good solution ? Hi, dont run any services on the firewall .. thats what a DMZ is to be used for .. Read a book about firewall architektures.. -- Mit freundlichen Grüßen Alexander Bien -- PIRONET NDH Alexander Bien - Technical Assistant - SBU Services Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815 mailto:abien@pironet.com - http://www.pironet.com -----Original Message----- From: Pascal MiQUET [mailto:pascal.miquet@wanadoo.fr] Sent: Friday, February 02, 2001 5:13 PM To: suse-security@suse.com Subject: [suse-security] All in one box ! Is it a good solution ? Hello, One of my friend ask me several questions concerning the security of a small company. He'll get in few days an ADSL connection. For some costs purposes (I think) this connection will shared with another company. The goal is to get a Mail server, Web access, ...and share all this with his LAN I've suggested to set a Firewall like ipchains, first to be realy separated from the network of the other compagny; Does it make sense to set the Mail server on the same machine ? How does this will be setted because I think all Mail clients will be Macs ? Thanks for your help Bests Pascal MiQUET
Hi, a good book is robert l. ziegler: "linux firewalls" published by New Riders Publishing (german translation: "linux firewalls" published by Markt+Technik. It's about ipchains & brothers, very effectiv and not too technical... yours Andy * Pascal MiQUET (Fre, 02 Feb 2001): * * Thanks for your reply. That's what I was thinking... * Do you have any proposal for books ? * Should I first start reading the how to ? * * Few days ago, I read a mail concerning someone who make a firewall with a system with only a floppy disk (no hard disk). * Is it a good way to set a firewall ? * What's about the system ? 486, Pentium, ... and memory ? * * Thanks * Pasca MiQUET * ----- Original Message ----- * From: Alexander Bien * To: Pascal MiQUET * Sent: Friday, February 02, 2001 5:24 PM * Subject: RE: [suse-security] All in one box ! Is it a good solution ? * * * Hi, * dont run any services on the firewall .. thats what a DMZ is to be used for .. * * Read a book about firewall architektures.. * * * -- * * Mit freundlichen Grüßen * * Alexander Bien * * -- * PIRONET NDH * Alexander Bien - Technical Assistant - SBU Services * Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany * Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815 * mailto:abien@pironet.com - http://www.pironet.com
**strings of ones and zeros arranged themselves into a message from myLinux
Hi,
information about hardware needs. I have several p3's an athlon 700 and a lowly pentium/150 , that last box is currently awaiting a rebuild ( starting w/ new mobo and building up, I suspect the only things I will be able to carry forward will be the scsi drives and posibly the scsi controller <sigh> ) Anyway , question arises , is it posible and more important, even practical to just reformat all drives and perhaps install suse something and use this box as a firewalling box ?? It has 128megs of ram, three fast scsi drives ( 4 megs ea.) a scsi tape deck (dds3 , I think, posibly only dds2, it's sony pretty good tape deck, under os/2 warp anyway ) adaptek fast scsi card and a scsi cd player only
FYI, I have an old 486 66DX2 with 16M RAM & 500M IDE running as a firewall on a 10BaseT network. I have measured it at a sustained 2.4Bbit/sec for 90 mins during a large file transfer. It runs a moderate rule set (~100 rules) but looking at the system resources, the load was not significant. I suspect the first limitation that would hit me would be the speed of the NICS.
Would it be feasable to use this box as a firewalling box? or is it too slow,
It depends what you want it to do. I presume your pentiums have PCI so faster NICs are available to you. You certainly don't need the RAM,disk, tape etc as a firewall should be that & nothing else. Hopefully the stats will help you make up your mind. Regards, John
participants (4)
-
jfweber@eternal.net
-
John Trickey
-
myLinux
-
Pascal MiQUET