Hi Maurits,
> As I want to install as little as possible, what's the best "quick"
> solution? Under YaST select "Minimum" and after that Network and Security
> packages?

You may also use the DMZ config. For some reason it installs packages like nkita and nkitb, where the latter includes unsafe software like rlogin, rexec etc. I recommend scrapping and replacing them with OpenSSH. Here is a cut-down SuSE installation:

aaa_base-2001.1.23-0  aaa_dir-2001.1.17-0  aaa_skel-2001.1.26-0  autolog-0.35-192
base-2001.1.15-0  bash-2.04-87  bc-1.06-10  bdflush-1.5-294
bzip-1.0.1-5  dump-0.4b20-4  compress-4.2.4-287  cpio-2.4.2-295
cron-3.0.1-296  db-3.1.17-13  devs-2001.1.2-3  diffutils-2.7-31
e2fsprogs-1.19-7  file-3.32-35  fileutils-4.0.35-3  findutils-4.1.6-14
gawk-3.0.6-41  gdbm-1.8.0-225  ash-0.2-294  glibc-2.2-7
gppshare-2.95.2-149  scanlogd-2.2-5  gzip-1.3-4  kbd-1.03a-39
less-358-26  libz-1.1.3-284  lilo-21.6-17  seccheck-1.6-4
man-2.3.10d69s-171  mktemp-1.5-150  modutils-2.4.1-3  net-tools-1.57-6
netcfg-2000.12.14-2  secumod-1.6b-3  pam-0.72-169  pam_devperm-2000.12.1-6
perl-5.6.0-39  ps-2001.1.22-0  rpm-3.0.6-26  sash-3.4-170
sh-utils-2.0-6  shadow-20000902-34  syslogd-1.3.33-197  sysvinit-2.78-143
terminfo-5.2-8  tripwire-1.2-258  textutils-2.0.10-5  timezone-2.2-7
util-linux-2.10q-7  vim-5.7-42  yast-1.09-7  ed-0.2-277
eject-2.0.2-185  openssh-2.3.0p1-5  k_deflt_24-2.4.0-7

I've replaced the default kernel k_deflt_24-2.4.0-7 with the latest version and patches. There are quite a few other packages that require an update. Check on www.suse.com.

> Furthermore I was thinking to partition my disk with a app. 12MB /boot 128
> /swap (there's about 90 ram) and the rest app. 1G /
> Is that a "correct and smart" setup for a dedicated firewall? Would LVM be
> an option? (Would think not but...)
> Any help would be appreciated. (Tried smoothwall before but Zyxel modem
> doesn't want to work with chat, does with wvdial.)

You may create these partitions, too: (excerpt from /etc/fstab)
/dev/sda3 /usr ext2 defaults,ro,nodev 1 1
/dev/sda4 /var ext2 defaults,nodev 1 2
/dev/sda7 /tmp ext2 defaults,noexec,nosuid,nodev 1 2
Note that /usr is set read-only. /tmp disallows program execution, creation
of device files and disarms suid programs. Separating /var from / prevents
denial of service attacks.
There are a lot more things to do to harden Linux. Fortunately there is
documentation on the net:
http://www.linuxdoc.org/guides.html
http://www.interhack.net/pubs/fwfaq
http://nic.com/~dave/Security/
You can also buy good books:
Building Internet Firewalls, 2nd Edition, O'Reilly
Practical UNIX and Internet Security, 2nd Edition, O'Reilly
Have a lot of fun
--
Jörg Frühbrodt
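
Added example, not part of the original message: a small shell check that an fstab file carries the mount options from the excerpt above for /usr, /var and /tmp. The function names `check_fstab` and `sample_fstab`, the wording of the report lines, and the /dev/sda1 root entry in the constructed sample are assumptions.

```sh
#!/bin/sh
# check_fstab FILE|- : report mount points whose fstab options lack the
# flags used in the excerpt above. Returns 1 if anything is missing.
check_fstab() {
    awk '
    BEGIN {
        # Required options per mount point, taken from the excerpt.
        want["/usr"] = "ro,nodev"
        want["/var"] = "nodev"
        want["/tmp"] = "noexec,nosuid,nodev"
        n_mp = split("/usr /var /tmp", order, " ")
    }
    /^[ \t]*(#|$)/ { next }               # skip comments and blank lines
    ($2 in want) {
        seen[$2] = 1
        split("", opts)                   # clear the option set
        n = split($4, have, ",")
        for (i = 1; i <= n; i++) opts[have[i]] = 1
        m = split(want[$2], need, ",")
        for (i = 1; i <= m; i++)
            if (!(need[i] in opts)) { print $2 ": missing " need[i]; bad = 1 }
    }
    END {
        # A mount point with no entry shares a filesystem with its parent.
        for (i = 1; i <= n_mp; i++)
            if (!(order[i] in seen)) { print order[i] ": no separate entry"; bad = 1 }
        exit bad + 0
    }' "${1:-/etc/fstab}"
}

# Constructed sample: the excerpt with noexec,nosuid dropped from /tmp.
sample_fstab() {
    cat <<'EOF'
/dev/sda1 /     ext2 defaults 1 1
/dev/sda3 /usr  ext2 defaults,ro,nodev 1 1
/dev/sda4 /var  ext2 defaults,nodev 1 2
/dev/sda7 /tmp  ext2 defaults,nodev 1 2
EOF
}

sample_fstab | check_fstab - || echo "fstab needs attention"
```

This reads the configuration file only; options actually in effect on a running system are shown by `mount`.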