NOVELL: Cool Solutions: SUSE Router How-To
Here's some simple instructions, for making a Linux firewall. http://www.novell.com/coolsolutions/feature/11505.html
James Knott wrote:
Here's some simple instructions, for making a Linux firewall.
Along the same lines (firewalls), Trustix is offering their Enterprise Firewall for free. http://www.trustix.com/purchase/index.html Note: when I downloaded it, the reciept they e-mailed me included this line: Validity Period : 1 year (23-AUG-05 to 22-AUG-06) It does not specify whether this will cause the firewall to cease to function, or if I just will not be able to get support after that date. James W
James Wright wrote:
James Knott wrote:
Here's some simple instructions, for making a Linux firewall.
Along the same lines (firewalls), Trustix is offering their Enterprise Firewall for free. http://www.trustix.com/purchase/index.html Note: when I downloaded it, the reciept they e-mailed me included this line:
Validity Period : 1 year (23-AUG-05 to 22-AUG-06)
It does not specify whether this will cause the firewall to cease to function, or if I just will not be able to get support after that date.
Interesting. I assume it's Linux based. Perhaps you just have to renew the license anually. Or is it just a promotion. I have my own SuSE 9.1 based firewall, which works well and includes a VPN. I wonder what they offer beyond what SuSE (or other distro) is capable of? How does there secure Linux compare with the one from NSA?
James Knott wrote:
Interesting. I assume it's Linux based. Perhaps you just have to renew the license anually. Or is it just a promotion.
I have my own SuSE 9.1 based firewall, which works well and includes a VPN. I wonder what they offer beyond what SuSE (or other distro) is capable of? How does there secure Linux compare with the one from NSA?
Well, they have a comparison here: http://firewall.trustix.com/small/comparisons.html The comparison chart claims that it is a security hardened server OS. There aren't details about it though. James W
At 11:42 AM 8/26/05, James Wright wrote:
James Knott wrote:
Interesting. I assume it's Linux based. Perhaps you just have to renew the license anually. Or is it just a promotion.
I have my own SuSE 9.1 based firewall, which works well and includes a VPN. I wonder what they offer beyond what SuSE (or other distro) is capable of? How does there secure Linux compare with the one from NSA? Well, they have a comparison here: http://firewall.trustix.com/small/comparisons.html The comparison chart claims that it is a security hardened server OS. There aren't details about it though.
A company claiming "100% water tight security protects your network" can't be taken seriously.
Frank Bax wrote:
At 11:42 AM 8/26/05, James Wright wrote:
James Knott wrote:
Interesting. I assume it's Linux based. Perhaps you just have to renew the license anually. Or is it just a promotion.
I have my own SuSE 9.1 based firewall, which works well and includes a VPN. I wonder what they offer beyond what SuSE (or other distro) is capable of? How does there secure Linux compare with the one from NSA? Well, they have a comparison here: http://firewall.trustix.com/small/comparisons.html The comparison chart claims that it is a security hardened server OS. There aren't details about it though.
A company claiming "100% water tight security protects your network" can't be taken seriously.
Yep. I don't let water anywhere near my computers. ;-) However, when someone makes claims, without offering proof, I get suspicious. As I recall, the NSA SELinux is configured & audited for maximum security, as is one of the BSDs (OpenBSD?). But even then a simple misconfiguration can always blow away the security. Also, there's no way anyone can guarantee 100% security, for the simple reason that they have no way of knowing all possible exploits. They can only use practices that impede potential vulnerabilities.
James Wright wrote:
James Knott wrote:
Interesting. I assume it's Linux based. Perhaps you just have to renew the license anually. Or is it just a promotion.
I have my own SuSE 9.1 based firewall, which works well and includes a VPN. I wonder what they offer beyond what SuSE (or other distro) is capable of? How does there secure Linux compare with the one from NSA?
Well, they have a comparison here: http://firewall.trustix.com/small/comparisons.html The comparison chart claims that it is a security hardened server OS. There aren't details about it though.
James W
They seem shy, I wonder why they don't mention astaro, the leading Linux firewall, perhaps they are equally good being Linux based. Regards Sid. -- Sid Boyce ... Hamradio License G3VBV, Keen licensed Private Pilot Retired IBM/Amdahl Mainframes and Sun/Fujitsu Servers Tech Support Specialist Microsoft Windows Free Zone - Linux used for all Computing Tasks
James Knott wrote:
James Wright wrote:
James Knott wrote:
Here's some simple instructions, for making a Linux firewall.
Along the same lines (firewalls), Trustix is offering their Enterprise Firewall for free. http://www.trustix.com/purchase/index.html Note: when I downloaded it, the reciept they e-mailed me included this line:
Validity Period : 1 year (23-AUG-05 to 22-AUG-06)
It does not specify whether this will cause the firewall to cease to function, or if I just will not be able to get support after that date.
Interesting. I assume it's Linux based. Perhaps you just have to renew the license anually. Or is it just a promotion.
I have my own SuSE 9.1 based firewall, which works well and includes a VPN. I wonder what they offer beyond what SuSE (or other distro) is capable of? How does there secure Linux compare with the one from NSA?
Another great firewall with online updates, for free without the VPN and content filtering or with those included for purchase is the Astaro Security Linux www.astaro.com. It's also apparently the most popular Linux firewall used in corporate environments, they also sell a hardware device. Their site has a demo so you can get a realistic view of setting it up. Regards Sid. -- Sid Boyce ... Hamradio License G3VBV, Keen licensed Private Pilot Retired IBM/Amdahl Mainframes and Sun/Fujitsu Servers Tech Support Specialist Microsoft Windows Free Zone - Linux used for all Computing Tasks
James Wright wrote:
James Knott wrote:
Here's some simple instructions, for making a Linux firewall.
Along the same lines (firewalls), Trustix is offering their Enterprise Firewall for free. http://www.trustix.com/purchase/index.html Note: when I downloaded it, the reciept they e-mailed me included this line:
Validity Period : 1 year (23-AUG-05 to 22-AUG-06)
It does not specify whether this will cause the firewall to cease to function, or if I just will not be able to get support after that date.
James W
It appears to be demo version -- 73 de Donn Washburn Hpage: " http://www.hal-pc.org/~n5xwb " Ham Callsign N5XWB Email : " n5xwb@hal-pc.org " 307 Savoy St. HAMs: " n5xwb@arrl.net " Sugar Land, TX 77478 BMW MOA #: 4146 - Ambassador LL# 1.281.242.3256 " http://counter.li.org " #279316
Donn Washburn wrote:
James Wright wrote:
James Knott wrote:
Here's some simple instructions, for making a Linux firewall.
Along the same lines (firewalls), Trustix is offering their Enterprise Firewall for free. http://www.trustix.com/purchase/index.html Note: when I downloaded it, the reciept they e-mailed me included this line:
Validity Period : 1 year (23-AUG-05 to 22-AUG-06)
It does not specify whether this will cause the firewall to cease to function, or if I just will not be able to get support after that date.
James W
It appears to be demo version
I'm perplexed at the lack of response to me suggesting Astaro, it's free, you don't have to believe the advertising blurb, you can go through a demo online that is real-world. It supports the addition of WIFI. It's all chrooted so there is no way of manually altering, copying or installing anything as it says you don't have a hard drive or a floppy when you try. The config can be backed up to the box you are using to admin the firewall. The online updates are quite regular, no time limits on the software and it's painless to upgrade, besides being arguably the best darn Linux firewall. There is a quite active forum. The only problem I had with it was with ssh from the outside, but that was due to my lack of understanding of NAT rules, I just get confused as to what is source and what is destination, but the forum helped me out. I was looking for a way I could suggest to Astaro they include VPN, anti-virus and Content filtering in the free version or to somehow produce a cheap version, may be they could allow the full version for free personal use as the downloaded version has to be paid for if used by companies, which really means they get a license that turns on the full version functionality. As with many Linux based stuff like TomTom GPS's and some firewalls that will only work with Windows, their on-line seminar needs IE when I tried attending online, IE under crossover office also didn't work, so I gave them serious grief over that, they kindly sent me a PDF version of it. Regards Sid. -- Sid Boyce ... Hamradio License G3VBV, Keen licensed Private Pilot Retired IBM/Amdahl Mainframes and Sun/Fujitsu Servers Tech Support Specialist Microsoft Windows Free Zone - Linux used for all Computing Tasks
On Saturday 27 August 2005 13:11, Sid Boyce wrote:
I'm perplexed at the lack of response to me suggesting Astaro, it's free, you don't have to believe the advertising blurb, you can go through a demo online that is real-world. It supports the addition of WIFI. It's all chrooted so there is no way of manually altering, copying or installing anything as it says you don't have a hard drive or a floppy when you try. The config can be backed up to the box you are using to admin the firewall. The online updates are quite regular, no time limits on the software and it's painless to upgrade, besides being arguably the best darn Linux firewall. There is a quite active forum. The only problem I had with it was with ssh from the outside, but that was due to my lack of understanding of NAT rules, I just get confused as to what is source and what is destination, but the forum helped me out. I was looking for a way I could suggest to Astaro they include VPN, anti-virus and Content filtering in the free version or to somehow produce a cheap version, may be they could allow the full version for free personal use as the downloaded version has to be paid for if used by companies, which really means they get a license that turns on the full version functionality. As with many Linux based stuff like TomTom GPS's and some firewalls that will only work with Windows, their on-line seminar needs IE when I tried attending online, IE under crossover office also didn't work, so I gave them serious grief over that, they kindly sent me a PDF version of it.
I know it's not Linux, but BSD, however I've found M0n0wall to be a superb firewall, it's small enough to boot from compact flash, supports VPNs, traffic Shaping, captive portal and will also act as a wireless access point. It's ideal for running headless on standard PC hardware or dedicated appliances like the Soekris and Wrap boards. http://m0n0.ch/wall -- David Bottrill david@bottrill.org www.bottrill.org Registered Linux user number 330730 Internet SIP Phone: 1-747-244-2699
On 2005-08-27 14:11 Sid Boyce wrote:
Donn Washburn wrote:
James Wright wrote:
James Knott wrote:
Here's some simple instructions, for making a Linux firewall.
Along the same lines (firewalls), Trustix is offering their Enterprise Firewall for free. http://www.trustix.com/purchase/index.html Note: when I downloaded it, the reciept they e-mailed me included this line:
Validity Period : 1 year (23-AUG-05 to 22-AUG-06)
It does not specify whether this will cause the firewall to cease to function, or if I just will not be able to get support after that date.
James W
It appears to be demo version
I'm perplexed at the lack of response to me suggesting Astaro, it's free, you don't have to believe the advertising blurb, you can go through a demo online that is real-world. It supports the addition of WIFI. It's all chrooted so there is no way of manually altering, copying or installing anything as it says you don't have a hard drive or a floppy when you try. The config can be backed up to the box you are using to admin the firewall. The online updates are quite regular, no time limits on the software and it's painless to upgrade, besides being arguably the best darn Linux firewall. There is a quite active forum. The only problem I had with it was with ssh from the outside, but that was due to my lack of understanding of NAT rules, I just get confused as to what is source and what is destination, but the forum helped me out. I was looking for a way I could suggest to Astaro they include VPN, anti-virus and Content filtering in the free version or to somehow produce a cheap version, may be they could allow the full version for free personal use as the downloaded version has to be paid for if used by companies, which really means they get a license that turns on the full version functionality. As with many Linux based stuff like TomTom GPS's and some firewalls that will only work with Windows, their on-line seminar needs IE when I tried attending online, IE under crossover office also didn't work, so I gave them serious grief over that, they kindly sent me a PDF version of it. Regards Sid.
Astaro isn't free.. They state on their web site that "Prices start at US$330". Even if it was, Astaro doesn't have support for such a simple thing as APC UPS. I don't know if Trustix has, their spec on their site doesn't tell. The only enterprise class firewall I've seen so far with UPS support is SmoothWall Corp. server, which doesn't come free either. Anders.
Anders Norrbring wrote:
On 2005-08-27 14:11 Sid Boyce wrote:
Donn Washburn wrote:
James Wright wrote:
James Knott wrote:
Here's some simple instructions, for making a Linux firewall.
Along the same lines (firewalls), Trustix is offering their Enterprise Firewall for free. http://www.trustix.com/purchase/index.html Note: when I downloaded it, the reciept they e-mailed me included this line:
Validity Period : 1 year (23-AUG-05 to 22-AUG-06)
It does not specify whether this will cause the firewall to cease to function, or if I just will not be able to get support after that date.
James W
It appears to be demo version
I'm perplexed at the lack of response to me suggesting Astaro, it's free, you don't have to believe the advertising blurb, you can go through a demo online that is real-world. It supports the addition of WIFI. It's all chrooted so there is no way of manually altering, copying or installing anything as it says you don't have a hard drive or a floppy when you try. The config can be backed up to the box you are using to admin the firewall. The online updates are quite regular, no time limits on the software and it's painless to upgrade, besides being arguably the best darn Linux firewall. There is a quite active forum. The only problem I had with it was with ssh from the outside, but that was due to my lack of understanding of NAT rules, I just get confused as to what is source and what is destination, but the forum helped me out. I was looking for a way I could suggest to Astaro they include VPN, anti-virus and Content filtering in the free version or to somehow produce a cheap version, may be they could allow the full version for free personal use as the downloaded version has to be paid for if used by companies, which really means they get a license that turns on the full version functionality. As with many Linux based stuff like TomTom GPS's and some firewalls that will only work with Windows, their on-line seminar needs IE when I tried attending online, IE under crossover office also didn't work, so I gave them serious grief over that, they kindly sent me a PDF version of it. Regards Sid.
Astaro isn't free.. They state on their web site that "Prices start at US$330".
Their site's licensing conditions below. I have a license they say expires 19 Oct. 2007 and I'm currently downloading version 6. Private home users can register via MyAstaro to request a free home use license. You will then receive a License Key which you can enter into WebAdmin which will allow you to use Astaro Security Linux for your home network. If you have obtained the Virus or Surf Protection option for home-use, you can upgrade your home-use license in MyAstaro.
Even if it was, Astaro doesn't have support for such a simple thing as APC UPS. I don't know if Trustix has, their spec on their site doesn't tell.
I have 2 Liebert UPS's, with the MultiLink Linux software capable of shutting down 5 boxes run off each, including the firewall box. The one UPS used to be connected to this box, but I had a serial port go down and switched it to the Mandriva LE 2005 box. The one thing I don't know is if the firewall box will honour the shutdown request, but during a long power outage and low batteries, it did gracefully shut down the 2 boxes, the latest free MultiLink license is now for 5.
The only enterprise class firewall I've seen so far with UPS support is SmoothWall Corp. server, which doesn't come free either.
Anders.
Regards Sid. -- Sid Boyce ... Hamradio License G3VBV, Keen licensed Private Pilot Retired IBM/Amdahl Mainframes and Sun/Fujitsu Servers Tech Support Specialist Microsoft Windows Free Zone - Linux used for all Computing Tasks
participants (7)
-
Anders Norrbring
-
David Bottrill
-
Donn Washburn
-
Frank Bax
-
James Knott
-
James Wright
-
Sid Boyce