Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
Re: Newbie firewall installation question
  • From: Florian Kirchmeir <kflorian@xxxxxxxxxxxxxxxxxx>
  • Date: Mon, 16 Jul 2001 10:41:27 +0200
  • Message-id: <3B52A8B7.42836F0B@xxxxxxxxxxxxxxxxxx>
Hi Maurits, Chad!

dog@xxxxxxxxx wrote:

> do a custom install, dont select anything in x, kde, gnome, emacs. then
> go through the other choices and take out things like apache, sendmail,
> bind, nfs, lpr, mysql, staroffice, etc.

Right. The "minimum" selection is probably a good starting point for that.

> I would do the following partition scheme
> /dev/hda1 / 500 meg
> /dev/hda2 swap 128 meg
> /dev/hda3 /usr 800 meg
> /dev/hda4 /home rest of drive

Why would you have /home on a firewall??
I would rather suggest to have /var on a separate partition, maybe /tmp as well,
since these can be easily filled up by an attacker, and a full / partition is no
fun. 100M for / should be easily enough, then.
(PS: Would it make sense to make /tmp a symlink to /var/tmp instead?)

> >Furthermore I was thinking to partition my disk with a app. 12MB /boot

No need to have /boot on a separate partition (with recent lilo/small disk).

> > Would LVM be an option? (Would think not but...)

No, doesn't make sense on a firewall (IMHO).

Have fun! :-)
Florian Kirchmeir

< Previous Next >