BEST Linux distribution for ROUTER/FIREWALL machine?

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by DrBrai » Fri, 17 May 2002 16:21:13



Hello,

I am about to get a DSL which I want to share on my local net. My client
hosts are about 10, all of them Windows machines.

So, I want to setup a dual-hommed Linux box which will share my DSL to my
local net and also act as a firewall.

Which do you believe is the best distribution of Linux for such a use? I
know that more or less each distribution offers the same tools, but I would
like to know if any of them offers more tools towards my above need.

Regards,
-n-

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by Andrew Stit » Fri, 17 May 2002 17:05:54


well if you want to do this with linux make sure you have a very very
hardened linux installation, run no services on it whatsoever, unless you
absolutly need to, then you ought to be fine. The key to securing anything
is to remove every possible doorway. Dont run apache, dont run proftp,
dont run anything unless you absolutly have to. there are some additional
packages to harden the kernel (prevent stack smashing attacks). Goto
insecure.org and read up on any exploitable software, and make sure if
anything you run is on that list, you fix it. Download and install nmap
and scan yourself to see what you have open. The said, go for a
minimalistic distro, dont install mandrake, or redhat (sorry guys), they
arent built for being a server. I would go with a nice simple,
minimalistic installation, since all you're gonna run is ipf anyways, why
have anything but a console, and some basic apps, you may consider going
with 2.2 series kernel (depending on what you need), they tend to be more
stable then the newer ones, not that linux is unstable, but if you are
making a firewall, you want a rock.  IMHO, linux is not the OS of choice
for building a firewall. I plan on using my freeBSD as a router, why? the
BSD's are better suited for server environments, they are by far more
stable by the way they are developed. openBSD is remored to be one of the
most stable server setups availible. At my work we have a half dozen
servers, our http proxy runs squid on openBSD and typically stays up for
months at a time. free and open just seem to be more designed for a quiet
server setup. fwiw most appliance computers (snap server, hubs, etc) run
some variation on the BSD's.

If you still are convinced linux is the OS you want for your router, goto
www.linux.org pick out a nice small distro, install it bare except for a
compiler and gmake, then build ipfilter, and setup the kernel to route
packets for you (thus the same for freeBSD).


> Hello,

> I am about to get a DSL which I want to share on my local net. My client
> hosts are about 10, all of them Windows machines.

> So, I want to setup a dual-hommed Linux box which will share my DSL to my
> local net and also act as a firewall.

> Which do you believe is the best distribution of Linux for such a use? I
> know that more or less each distribution offers the same tools, but I would
> like to know if any of them offers more tools towards my above need.

> Regards,
> -n-


 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by Richard Steine » Fri, 17 May 2002 17:16:16


On Thu, 16 May 2002 10:21:13 +0300 in comp.os.linux.networking,

Quote:> So, I want to setup a dual-hommed Linux box which will share my DSL to my
> local net and also act as a firewall.

> Which do you believe is the best distribution of Linux for such a use?

I use Coyote Linux for my firewall:

  http://www.coyotelinux.com

It's a single-floppy distribution specifically designed for the purpose
of playing firewall, and it has no extraneous services running at all.

--

      OS/2 + Linux + BeOS + FreeBSD + Solaris + WinNT4 + Win95 + DOS
      + PC/GEOS + Fusion + vMac + Executor = PC Hobbyist Heaven! :-)
                   The Theorem Theorem: If If, Then Then

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by Geof » Fri, 17 May 2002 18:13:46




Quote:>Hello,

>I am about to get a DSL which I want to share on my local net. My client
>hosts are about 10, all of them Windows machines.

>So, I want to setup a dual-hommed Linux box which will share my DSL to my
>local net and also act as a firewall.

>Which do you believe is the best distribution of Linux for such a use? I
>know that more or less each distribution offers the same tools, but I would
>like to know if any of them offers more tools towards my above need.

>Regards,
>-n-

IPCOP is a purpose built router/firewall distro with squid proxy,
snort intrusion detection and web based gui admin.

All the hard work is done for you . www.ipcop.org

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by DrBrai » Fri, 17 May 2002 19:09:04


Well,

thanks to everybody for the detailed and precise answers.

I think I will go with Linux, and I will first try the IPCOP which looks
very promising and interesting.

Thanks again!
-n-


Quote:> Hello,

> I am about to get a DSL which I want to share on my local net. My client
> hosts are about 10, all of them Windows machines.

> So, I want to setup a dual-hommed Linux box which will share my DSL to my
> local net and also act as a firewall.

> Which do you believe is the best distribution of Linux for such a use? I
> know that more or less each distribution offers the same tools, but I
would
> like to know if any of them offers more tools towards my above need.

> Regards,
> -n-

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by James Knot » Fri, 17 May 2002 21:05:11



> Hello,

> I am about to get a DSL which I want to share on my local net. My client
> hosts are about 10, all of them Windows machines.

> So, I want to setup a dual-hommed Linux box which will share my DSL to my
> local net and also act as a firewall.

> Which do you believe is the best distribution of Linux for such a use? I
> know that more or less each distribution offers the same tools, but I
> would like to know if any of them offers more tools towards my above need.

Most of the firewall docs lean toward Redhat, but they can usually be
applied to other distros.  For example, I followed the instructions in
"Pocket" ISP based on Redhat Linux HOWTO
http://www.linuxdoc.org/HOWTO/ISP-Setup-RedHat-HOWTO.html
to build my Slackware firewall.

It's not so much which distro is best for a fireall., as which one is best
for you.

--

All the facts above are true, except for the ones I made up.


james.knott.

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by Christopher Brown » Fri, 17 May 2002 21:17:07



Quote:> Hello,

> I am about to get a DSL which I want to share on my local net. My client
> hosts are about 10, all of them Windows machines.

> So, I want to setup a dual-hommed Linux box which will share my DSL to my
> local net and also act as a firewall.

> Which do you believe is the best distribution of Linux for such a use? I
> know that more or less each distribution offers the same tools, but I would
> like to know if any of them offers more tools towards my above need.

This is a scenario where "less is more."

Security is obtained by having nothing left on the system for would-be
intruders to try to crack.

You _don't_ want X running; you _don't_ want GNOME, KDE, and such.

All you want is some limited set of network services, likely
including:
 a) A Squid proxy;
 b) Roaring Penguin PPPoE;
 c) _Maybe_ an SMTP server;
 d) If you know you want to administer from outside, sometimes,
    install sshd.

The usual "big names" of Red Hat, Mandrake, and SuSE tend to install
everything including the marching band, which is acceptable so long as
you then proceed to "rpm -e" anything that looks like it could be part
of the marching band.

I run a pretty stripped down Debian on my firewall box; that has the
merit of allowing me to use the "apt-get" tools to easily keep it up
to date vis-a-vis security updates.  That's pretty valuable...
--

http://www.cbbrowne.com/info/nonrdbms.html
ITS is a hand-crafted RSUBR.

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by Ian MacRa » Fri, 17 May 2002 22:56:26



Quote:> Hello,

> I am about to get a DSL which I want to share on my local net. My client
> hosts are about 10, all of them Windows machines.

> So, I want to setup a dual-hommed Linux box which will share my DSL to my
> local net and also act as a firewall.

> Which do you believe is the best distribution of Linux for such a use? I
> know that more or less each distribution offers the same tools, but I
would
> like to know if any of them offers more tools towards my above need.

> Regards,
> -n-

Alternatively, if you want something easier/simpler to install try IPCop or
Smoothwall (my personal choice would be IPCop www.ipcop.org). Or look at
bastille linux for a util which will help to harden a standard linux
installation. Of course, if you've got the knowledge and experience to build
the firewall yourself, go for it :-)
 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by Eric P. McC » Sat, 18 May 2002 01:07:02


Followups to col.networking.


> So, I want to setup a dual-hommed Linux box which will share my DSL to my
> local net and also act as a firewall.
> Which do you believe is the best distribution of Linux for such a use? I
> know that more or less each distribution offers the same tools, but I would
> like to know if any of them offers more tools towards my above need.

Yeah, just about any distro can be configured to work well as a
firewall.  The only edge one really has over another is ease of
configuration and maintenance.  

For example, you want the smallest possible set of installed
applications on your firewall to reduce the chances of some
interaction opening a security hole.  If you start with one of the
main distros you may need to do a lot of uninstalling in order to get
rid of all the cruft.  And the more stuff you need to remove, the more
likely you are to miss something.  So my personal preference is to
pick a distro that lets you choose to install almost nothing, then
selectively add packages later.

--

"Last I checked, it wasn't the power cord for the Clue Generator that
was sticking up your ass." - John Novak, rasfwrj

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by Jonathan Hor » Sat, 18 May 2002 11:45:05


i suggest you all check out www.smoothwall.org.  everything you have
all asked for, in a hardened ready to rock easy to install linux
firewall/router distro.  web managed (from the inside), DNS (for the
inside), ipchains, firewall logging, conduits, pinholes, DynDNS
support for your DHCP'd ip addres, DHCP server for your inside lan,
traffic graphs, latest 2.2.0 kernel, great ASDL modem support
(includeing PPoE and USB), vpn support to connect to *theoretically*
any IPSec destination, and up to 3 interfaces.

ive scanned my smoothwall from the outside, and nmap just says wtf?

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by ynotsso » Sat, 18 May 2002 12:50:28



[...]

Quote:> ive scanned my smoothwall from the outside, and nmap just
> says wtf?

Hmmmm, just a simple, freely-available "script-kiddie" tool reports:
----------------------------------------
Port scanning target address 216.61.198.245
Port 1 tcpmux is Firewalled
Port 2 compressnet is Firewalled
Port 3 compressnet is Firewalled
Port 4 is Firewalled
Port 5 rje is Firewalled
Port 6 is Firewalled
Port 21 ftp is open
Port 22 ssh is open SSH-2.0-OpenSSH_3.1p1
Port 23 telnet is Firewalled
Port 25 smtp is open hermes.dfwlp.com ESMTP Sendmail 8.11.6/8.11.6
Port 110 is open +OK Qpopper (version 4.0.3) at hermes.dfwlp.com
Port 121 erpc is Firewalled
Port 249 is Firewalled
Port 361 semantix is Firewalled
Port 486 sstats is Firewalled
Port 605 is Firewalled
Port 709 entrustmanager is Firewalled
Port 831 is Firewalled
Port 952 is Firewalled
Port 3389 msrdp is open
Port 10000 is open Webmin SSL Login Username/Password
Port 65001 is open
Port 65006 is open
Port 65007 is open
----------------------------------------

I didn't use any of the more informative professional tools because I'm off
work right now.

Do the above mean the same as "wtf" does to nmap?

             tony

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by James Knot » Sat, 18 May 2002 20:45:40



> i suggest you all check out www.smoothwall.org.  everything you have
> all asked for, in a hardened ready to rock easy to install linux
> firewall/router distro.  web managed (from the inside), DNS (for the
> inside), ipchains, firewall logging, conduits, pinholes, DynDNS
> support for your DHCP'd ip addres, DHCP server for your inside lan,
> traffic graphs, latest 2.2.0 kernel, great ASDL modem support
> (includeing PPoE and USB), vpn support to connect to *theoretically*
> any IPSec destination, and up to 3 interfaces.

> ive scanned my smoothwall from the outside, and nmap just says wtf?

I built my firewall using Slackware, and those nmap web scan sites give up,
as they can't find anything.

--

All the facts above are true, except for the ones I made up.


james.knott.

 
 
 

BEST Linux distribution for ROUTER/FIREWALL machine?

Post by James Knot » Sat, 18 May 2002 20:46:15


What does mine show?




> [...]
>> ive scanned my smoothwall from the outside, and nmap just
>> says wtf?

> Hmmmm, just a simple, freely-available "script-kiddie" tool reports:
> ----------------------------------------
> Port scanning target address 216.61.198.245
> Port 1 tcpmux is Firewalled
> Port 2 compressnet is Firewalled
> Port 3 compressnet is Firewalled
> Port 4 is Firewalled
> Port 5 rje is Firewalled
> Port 6 is Firewalled
> Port 21 ftp is open
> Port 22 ssh is open SSH-2.0-OpenSSH_3.1p1
> Port 23 telnet is Firewalled
> Port 25 smtp is open hermes.dfwlp.com ESMTP Sendmail 8.11.6/8.11.6
> Port 110 is open +OK Qpopper (version 4.0.3) at hermes.dfwlp.com
> Port 121 erpc is Firewalled
> Port 249 is Firewalled
> Port 361 semantix is Firewalled
> Port 486 sstats is Firewalled
> Port 605 is Firewalled
> Port 709 entrustmanager is Firewalled
> Port 831 is Firewalled
> Port 952 is Firewalled
> Port 3389 msrdp is open
> Port 10000 is open Webmin SSL Login Username/Password
> Port 65001 is open
> Port 65006 is open
> Port 65007 is open
> ----------------------------------------

> I didn't use any of the more informative professional tools because I'm
> off work right now.

> Do the above mean the same as "wtf" does to nmap?

>              tony

--

All the facts above are true, except for the ones I made up.


james.knott.

 
 
 

1. Best Linux Firewall/Router/Web Server Distribution

Hi,
I need a distribution that would have the following packages in the CD or
they could be easly installed:
Apache with PHP, some FTP server, mySQL, Firewall software, NAT redirection,
Samba server, Perl ,ssh, and it if includes webadmin it would be perfect

It should be able to be installed on a 2.1GB hardrive (another 2.1GB is used
for the content and such files).
I want to run it on:
Intel Pentium 200MHz
64 MB EDO RAM
2.1GB x 2 HD

2. Linux XFS

3. best small linux for doing home router/firewall

4. TAR, More than 1 Directory

5. Interested in making a firewall and router on a Linux machine

6. windows 2000 and samba shares

7. Router+Firewall+Proxy+DNS on one Linux-Machine??

8. Java performance when reading files

9. using firewalled linux router as answering machine, security compromised?

10. Interested in making a firewall and/or router on a Linux machine

11. Examples of best machines for LINUX, least expensive machines for LINUX.

12. best firewall distribution.

13. Best distribution to build a firewall