Re: which unix (linux) distrubtion is the best to start limited firewall (ipchains, ipfilter, ipnat) ?

Tue, 19 Feb 2002 01:40:54 -0800 


hiya danny

even linux... is either "bsd" style or "att style"
        /etc/rc.d/init  stuff is a common difference
        bsd style printer daemon/setup ...

where you(they) put files in /var/www or /home/httpd  makes no
difference .. just move it to where you like it

for firewalls...  how tightly hardened do you want it to be ???
        - keep in mind that lots-o-rootkits is defined to attack
        redhat-centric filesystems/distros

to do a fair (numbers) comparason between linux fw and bsd fw..
you'd have to normalize it based on the number of systems
out there .. bet redhat gets hacked most... even as a percentage

when deciding which firewall... etc..etc...there are mroe pressing
issues ... whichshould have hire priority than which flavor of linux
--- each distro has to be patched to some minimum "standards"
- security policy
- kernel hardening
- network topology for lan vs vpn vs pop3(s) vs dialups vs wireless
- pick a secure distro ( linux, bsd, secure solaris, etc...
- filesystem hardening
- system monitoring vs network monitoring vs user monitoring
- how much time to spend to harden/fix all the mistakes in various distro
- user accounts and user accountability
- backup systems
- ids systems ... though you allready know they broke in.. thats why
  you're poking around now...
- logging systems ...if you want to track down who/where they came from
- simulate a [cr/h]acker is sitting on the local lan.. what would they get

now... we can get back to which firewall to pick....and config tools

c ya
alvin
http://www.Linux-Sec.net


On Tue, 19 Feb 2002, Danny Zak wrote:

> Dear users;
> 
> we are trying to lookup some information about which distr. to use for
> this linux ipchains, filters, nats.. ?
> 
> i saw freebsd popping up all the time; is this stabler; faster;  or different
> (in which way?); or limited ? in comparision to a linux (redhat) distr ?
>   
> as system op; i'm more familiar with linux distris; is it better to
> stay with linux ?
> 

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

Reply via email to