if u think RPMs are hassle-free u need to move to Debian and use
the DEBs. apt-get is your friend ;)
On Fri, 22 Jun 2001, Devdas Bhagat wrote:
> On Fri, 22 Jun 2001, Randy Millis (Lists acct.) spewed into the ether:
> > That sounds like hours of work though.:-) Not sure I'd know where to begin
> > either. And there is always the question of what RPMs are safe to
> > remove. How would one know that?
> Not hours of work.
> $tar -zxvf package.tar.gz
> $cd package
> $./configure
> $make
> #make install
>
> The biggest advantage of prepackaged rpms is that you don't need a
> compiler on that machine to install them.
>
> > Thanks I will look for that.
> http://www.linuxdoc.org
>
> > Now 6.2 or 7.1?
> >
> > - 6.2 is older (may be bad), but there may be more known issues with it
> > than something brand new (may be good)
> > - 7.1 has many fixes over 6.2 (may be good), but there are also new bugs
> > introduced in a new version (may be bad). So what is the most logical
> > choice? Or is my logic flawed???? :-)
> I woul;d suggest a 6.2 install, apply all necessary poatches, then move
> to 2.4, for iptables.
>
> > > I suppose it's the easiest way and it'll help you avoid circling
> > > cross-dependencies (RPM A needs RPM B needs RPM A...) that I've seen
> > > with RedHat RPMs.
> > Yes, this is SOOOOO frustrating!
> Simple workaround: specify both on the command line.
> RPM figures out what to do.
> <snip>
> > I had heard that IPSEC fails over NAT. Why is that?
> Nat does packet header rewriting, that isn't liked by IPSEC.
>
> > But, **do** I want to? Are there pros and cons to doing allowing NFS and
> > SMB this way? Is there a better way?
> Hmmm, how about simply using ssh?
>
> <snip>
> > - Is setting up a private IP network (192.X.X.X, 172.X.X.X
> > 10.X.X.X) with NAT more secure as the private addresses are not routeable
> > from the public internet?
> Not necessarily so. A good set of f/w rules should stop most attacks,
> and if the clients behind the f/w are windows machines, then keep a
> ghost disk handy.
>
> > What I don't understand is how I set up a firewall to protect a collection
> > of hosts that are on the public internet now and have public addresses.
> Ensure that they are on the same subnet, then define rules for that
> subnet. Use Bastille.
>
> <snip>
> > How do I hide the hosts behind the firewall and sill allow
> > them to reach the internet?
> /sbin/ipchains -s 0/0 -d 192.168.1.0/24 -j DENY
>
> Hope this helps a bit.
>
> Devdas Bhagat
> --
> Linux is obsolete
> (Andrew Tanenbaum)
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
[EMAIL PROTECTED]
"Blessed are those who have not seen and yet have faith." - John 20:29
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
