Just go here and read this. Since you have the rare opportunity to start from zero, stand on the shoulders of the giants who made such things manageable over possible.
http://www2.linuxjournal.com/lj-issues/issue89/4815.html " Feature Taming the Wild Netfilter "

The article has it all; even (b)leading edge examples! ("Sliding down the bleading edge of technology!" Firesign Theatre) You can even/especially follow the "directions" AT HOME (guaranteeeeee, you do NOT embark on a "career breaker". (linuxcentral.com will mail you a full/max distribution w/source!!! to set aside; ANY/EVERY/ALL Linux distributions @ ------ $1.50 !!!!! ------- EACH!!!! ALL source files in there TOO (templates; great, fast,max-efficient ones, for any/everything u could ever need/want to do? Like OBEY the LAW! while learning! "Trust and verity":RR. NO! That's "verify")!!! That's what I paid for 6/7 of them a year or so ago; YES! Darn near every one of them IS self installing; tho if you want to keep W98 etc. on HD & dual boot, better "call back", it's tricky to "Trivialize"/SECURE-CURRENT-HD-CONTENTS in that case; done it; many times; each/all worked w/max/TRUE current-data-secure-w/o-risk. WHAT IF YOU OFFERED THAT!! TO YOUR "CLIENTS/CUSTOMERS"???? Generate; A TECH-V.P. OFFER? MOUNTING AND USING ALL WIN/DOS STUFF ONTO/WITHIN LINUX!!! YEAH. Been there. Done that. Still doin it, too. The very few Dos/Win progs. that aren't "wine-ing" yet can bee stuck (sic) on some current/legacy box in the SEE(M)LESS (sic) dept-network YOU WILL provide.)

Regards,
Jim Cunningham

" If I have seen far, it is because I have stood on the shoulders of giants. " (author: go look it up! Now THAT would be "education"!!)

P.S. Many are successfully using old 486s w/bios CD-boot to "pass<filter" LOTS of packets (scaling groups of these up is well documented from quite a while ago; since they were FREE OLD SURPLUS STUFF: I smell a HERO's opportunity here? you "CORNER THE GARNERING OF ALL BOXES THAT ANY/EVERYBODY ELSE UPDATES/REPLACES; THROW'EM A FEW BUDGET-BUKS!! bc. when that makes them able to afford upgrades;MAN, THEY LOVE YOU SOOOO MUCH!!
NEW P IIIs ARE CHEAP, and just THE thing ;Celerons/AMDs;you can get new FAST [EMAIL PROTECTED]). Old P IIIs should kick butts. May be lots of RAM chips in other boxes to "brusque out" a chosen box, too (watch bus>chip(s) speed matching issues). The CD auto RE-boot is SWELL! (you burn your own to reboot your exact FW environ, and distribs. of changes is trivialized in a secure manner; this is a BEST approach to most "distribution" CONTROL issues, IMHO; especially!!!, bc. you decide what they WROTE that you are responsible for their box auto-reboots-what: controlling! > if they put unauthorized stuff on their box=we don't compound THEIR error/insubordination)

P.P.S. RE: The above; all of it; DO-ABLE!!! (did it) "you might ask yourself...same as it ever was...and you might ask yourself...same as it ever was" (Talking Heads) sorta? GoSee; "smoothwall" .org(?)!! their free (YES, THE 4 LETTER "F" WORD EVERYONE in business ownership/mgmnt. IS SO AFRAID OF) dist. IS most-current-full/rich-SECURE-TO-THE-RECENT-MAX.! (as it's ONLY goal; excuse for existence; we need yet another commercialized dist. of linux!; like the world needs yet another G/L pkg. Doesn't it?) I did find one typo in a kernel re-build/config srcfile, tho, that was trivial for me to fix; and yes I will/have (depending on when you read this) "busted on em". It waaay! self installs/CONFIGURES-ITSELF-TO-WHATEVER-IS-"THERE" (SOME SIMPLE QUESTIONS RE: HOW MUCH REAL SOPHISTICATION ARE YOU READY FOR) on an old 486 WITH-w/o CD/modem/nic/whatever; EASILY (as only disk partition!); on small/slow HDs even, w/LOW mem. even (it's trivial! to get it up! You TURN THE BOX ON!!!! Imagine the re-boot CDs you could dist. from hereabouts).
YET, you can LEARN security from this group, via their dist.'s "configuration" (ESPECIALLY what they chose to NOT put in it!; which they TELL) When these guys dist./ship/install/DELIVER "netfilter": 1) that will be that, re: packet filtering 2) you can by then be ready to del.-the-goods for Corp./Career/Corp.-Careers-of-tame(sic)-members w/self-experience and self success, as a leader! Waaaay COOOOL! Huh?

So what in the world would I do to top that???? Why you would (obviously!) be ready, by then, to get paid (way lots) to deploy postgresql and help retire the concept "legacy systemS", of course. But what if we just have them all add a second HD, a FAST one, that "melds" w/current controller/whatever, and just give them a CD w/instructions to "Shutdown w/powerdown; put the "totally encrypted/hooked -to-our-team-ONLY" CD in; powerup;go kick butt for the team guy's"? It could happen!

