I have a project fast approaching that I'm ill prepared for it seems. I'm
looking for some more help on setting up a secure firewall/VPN solution and
appreciate any advice or resources anyone might have.
I've read the Linux Firewall How-To, lurk on some of the more popular
security lists and just subscribed to the firewall list. So I am starting to
develop a sense of what I need to do, but need more help.
I've setup Bastille under Redhat 6.2 on a 486/80 at home and am playing
around to get a better understanding of it.
I did a workstation install of Redhat 6.22 via FTP from a local mirror and
selected a minimum level of components. Then I downloaded the updates and
did an rpm -Fvh * to update all the packages, but I'm not sure if they all
updated correctly and need to go though this more.
I'm very happy with how easy it was to get this set up Bastille and have a
sense that this is a fairly secure firewall, especially considering for my
level of ability in this area. But I'm not sure.:-(
My questions are:
- What is the better version of Linux to use 6.2 or 7.1 in terms of security
and stability?
- Is Linux the best choice because of my familiarity with it or should I
delve into unfamiliar territory with something like OpenBSD (or another
flavor) because of better default security configuration?
- What is the best method for installing the bare minimum needed for a
firewall with Redhat or another recommended flavor?
Without starting a war, in each individuals opinion:
- Is there an easy and or more effective way to way to upgrade Redhat rpms
what I did above?
- What's the are some of the best ways to set up a VPN and what are some of
the best open source packages for VPN to support Windows and UNIX clients?
- Through VPN/or another method can I give PC and UNIX clients access to SMB
and NFS file systems?
- I have only set up a previous NAT box and the current Bastille firewall
using an external IP and a private internal network. I want to set up a
firewall for a lab that contains machines with external IP addresses. How
would I do that or am I better off to redo the internal network with a
private IP range? What are the security implications of both alternatives?
Thanks.
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
