January 18th, 2004 10:34 PM
I'm planning to install a firewall Linux box after reading about all its security advantages over Windows, but I was wondering, which Linux distro should I use?
I'm pretty new to the whole Linux world, so I don't want something that is going to be too hard to set up, but at the same time I don't want something that is going to be too easy. I'm hoping to use this as a learning experience too.
Any recommendations or past experiences would be great to hear about.
Also if anyone knows of a good book, e-book, or website with guides to help set up the Linux distro that you've recommended, I'd very much like to hear.
Thanks a lot for any help given.
Oooo .... btw I'll be installing on a P3, 128MB RAM, 8GB H/D, standard graphics + sound
January 18th, 2004 10:51 PM
I say use OpenBSD as the distro. With only 1 remote exploit in the past 6 years, and with the entire OS going through continual security audits, OBSD has always been meant to be a firewall/server. It isn't as simple as Redhat to install, but it isn't as difficult as a Gentoo installation.
I've always recommended and used it in firewalls and mission critical servers for as long as OBSD, and it has never failed me or its community of users. It offers a very good amount of hardware support, reaudited source code to be made more secure (less buffer overflows), a very experienced collective community that knows their **** when it comes to security, and tons of built in firewall options coded right into the OS. I'd like to also offer why the other distros may not suit you yet.
1. Redhat: Simple to setup, but almost too damn simple. Point and click and wait simple. You said you wanted to actually learn.
2. Mandrake: A pseudo duplicate of RH, and just as easy to setup. No learning involved.
3. Gentoo: The hardest OS to install because you work on the lowest levels possible, and build it from scratch. A killer OS after everything is done, but you said you didn't want something _too_ hard.
4. Debian: Far too old. Sure old means stable, but old also means lack of proper hardware support for newer systems (yours is still considered new). Package support is very good (programs you can run off of it) but still, very outdated even on newer program releases.
5. FreeBSD: A very good BSD distribution, but balanced on desktop and server usage, worrying more about desktop latency scheduling than network security. Built in kernel options don't support the security checks OBSD does.
6. NetBSD: Your computer can run it, everyone's computer could run it. It's just *there*
7. Windows 2003 server: A great server win distro, but a horrible firewall alternative. Remember, windows == desktops and windows != servers.
8. Suse: Similar to Gentoo in terms of updating and having the most recent package releases, but nothing too sparky about it. Much more desktop oriented than server security oriented.
Please keep in mind that this is not a flame on other OSes, as they all have their place. My opinions here are based upon how the above distros respond to their usage in security/firewall usage rather than desktop usage. Of course, this may end up as a flame war, but my words here are not to spite others. I base it off of personal experience and what has been easy to break into and what has not. This is just from my experience as both a long term grey hat, and a legal network security consultant. Best wishes to you!
January 18th, 2004 11:05 PM
Thank you very much for the truly brilliant reply. I tried to give you antipoints for it but the system said I need to spread them around :S Sorry about that .... thanks again, bye
January 18th, 2004 11:18 PM
If you want a stand alone linux firewall, then you could try smoothwall or ipcop:
January 19th, 2004 12:35 AM
As a side note, I must add this: All OSes are basically the same in security when it comes down to it, as true security relies on the admin. Windows can be as secure as OBSD, and OBSD as insecure as default windows. It all matters to how much the admin knows and is willing to configure for security. My point above was to state default security and security that can not be simply configured. OBSD has that default security and built in security. What I mean by built in security is exploits:
An OS exploit is very rarely able to be halted through normal security means. You either have to wait for a patch or fix the code yourself, as it is something wrong internally with the OS, and not fixable by a simple configuration (for the majority of exploits).
Liken it to building a prison. You build it using hard, solid rock and brick, allowing no windows or doors. You have configured it for security 100%. An exploit would be learning that the kind of rock you used is vulnerable to salt, and thus there isn't a damn thing you can do about it until someone develops a fix for that. OBSD, in short, has far less of those built in exploits due to the continual code audit, and thus my reasoning behind recommending it.
January 19th, 2004 07:41 AM
Smoothwall that box like a madman. Not only is it easy as pie to set up, the html interface is bloody gorgeous.
Kudos to dublix on this one
January 19th, 2004 07:45 AM
Well, easy is not what the original poster sought. They wanted to install a Linux *Distro* that wasn't too easy, so that they could begin learning Linux, while not wanting it to be too hard. Having something that isn't a pure Linux distro (in other words not just a firewall only port) limits that learning experience of Linux, while also being far too simple to learn from.
While I agree Smoothwall is a killer firewall system, let's not forget the learning process of Linux. Walk before we run.
January 19th, 2004 02:22 PM
If you are new to Linux, save yourself some trouble and make sure your hardware is compatible with the Linux distro you want to use, before attempting to install the OS. Of particular concern would be the modem. The Q & A sections of most sites are full of inquiries about not being able to set up the modem (the poor guys and gals found out the definition of a Winmodem the hard way!). I mention the modem because after all you want the darn thing to go online!
http://www.google.com (linux modems)
http://www.linuxhelp.net/guides/ (for other questions)
January 19th, 2004 03:00 PM
Well, in that case:
Well, easy is not what the original poster sought.
IPTABLES in the Linux 2.4 Kernel
should be helpful.
January 19th, 2004 10:50 PM
I have to agree with the Smoothwall recommendations. Aside from being the only Linux based firewall I have any kind of experience with, like others have mentioned, it is fairly easy to install. The text-based install screens look kind of intimidating, but as long as you have a basic understanding of IP addressing and firewall jargon (which are the red and green sides of your network), it shouldn't be too bad. The best feature is the web based administration/configuration, which allows you to create rule sets much easier than with IPtables. Of course, you'll have to log in to do so.
You can download the ISO from the Smoothwall website, it's about 100 MB or so, and providing your network isn't too large, it should handle the job just fine. I knew some people who ran a Smoothwall box to isolate a campus lab (20 machines or so) to isolate it from the rest of the university's network and it worked just fine.