Advice from you?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Advice from you?

  1. #1
    Senior Member
    Join Date
    Aug 2003
    Posts
    300

    Advice from you?

    This weekend I will be implementing this on our small office network (strictly our testing dept) I will be setting up a Watchguard FB1000 as my first line of defense. After the configuration of the firewall I was going to have a Linux Mandrake box acting as a server type firewall. All information would pass through this box.

    Now my questions are simply this:

    1. Is Mandrake a secure enough system or should I look into other programs (I don't use Linux this will be my first "real" use of the system)?

    2. Will the cable connection be slowed down to much?

    Client machines will be running Win2000 with their personal sygate firewalls (or is that overkill?).

    So, what do you all think about the setup, is it practical?

    I know the Linux box will take some time to configure but I got a lot of reading to do so I am hope I can weed through it.


    - Adiz
    Ultimately everyone will have their own opinion--this is mine.

    OOOUUUUCH! <throaty sound> That ain\'t cool baby.</throaty sound> (right before this I had made fun of the \'girl\' and she took it out on my balls... Luckily later on they were \"taken care of.\"

  2. #2
    Sounds pretty good to me. All the major linux distros are known for being pretty secure, from what I've gathered.

  3. #3
    Senior Member
    Join Date
    Jun 2003
    Posts
    772
    The linux distros are not more secure than the Windows os, many vulnerabilities are found in both, however it is a better choice in this case if you are able to properly secure it.
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

    www.elhalf.com

  4. #4
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003
    Posts
    400
    I'd say go with what you feel comfortable with..if you want to set up mandrake,go right ahead..if you want Windows 2000 do that..security's only as good as you can make it
    Now,your cable connection..I'd assume some slowing down in speed..nothing much though
    Lastly..if you're going to be using Sygate on your Windows2000 computers,you might want to shut down the Windows firewall..have fun

  5. #5
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    If you want to harder your Linux, take a look at this:
    http://www.bastille-linux.org/
    It is not hard to do and give you a lot of security (and knowledge about linux security too)
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  6. #6
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255

    Re: Advice from you?

    Originally posted here by adiz
    1. Is Mandrake a secure enough system or should I look into other programs (I don't use Linux this will be my first "real" use of the system)?
    If this is your first "real" use of linux, put off using it until you are comfortable with it and can properly install a bare minimal install, upgrade the kernel, and know how to work the logging facilities. An ideal firewall should basically have a shell, a kernel, a text editor, and the necessary libraries to run those things. Updating the kernel will be necessary should vulnerabilities be found that could be remotely exploited. Knowing how to work the logging facilities is pretty much a requirement for running any kind of linux box. Once you are comfortable with these things, you could then be able to administer it.

    What do you mean by "server type firewall"?
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  7. #7
    I agree, linux is deep water and you definately want to step into the shallow end first. You definately don't want to use it in an official capacity until you're well familiarized with it.

  8. #8
    Senior Member
    Join Date
    Aug 2003
    Posts
    300
    Well I agree and I know it is probably not smart to go into something that is new. But I feel that, that is the only way I learn is by just doing it. I mean everything I have done on the computer is just sorta learning as I go and it seems to work fine. That is why I am going to be testing this system for a month or so. I am also going to sign a release and have a few buddies of mine try to break and in and show me the vulnerabilities so that I can learn about it.

    But I am still debating because I can also go with Win 2000 or 2003 server both of which I know good. But I just have this strange facination with Linux and I don't wanna miss using it and I sorta feel like it is now or never.

    - Adiz
    Ultimately everyone will have their own opinion--this is mine.

    OOOUUUUCH! <throaty sound> That ain\'t cool baby.</throaty sound> (right before this I had made fun of the \'girl\' and she took it out on my balls... Luckily later on they were \"taken care of.\"

  9. #9
    Well then you're on the right track!

  10. #10
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    adiz

    There are many great threads in AO about hardening your linux, here's a few:

    http://www.antionline.com/showthread...ardening+linux

    http://www.antionline.com/showthread...ardening+linux

    http://www.antionline.com/showthread...ardening+linux


    For more just enter: 'hardening linux" into the search engine on the main page. Good luck

    cheers
    Connection refused, try again later.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •