I'm in the process of redesigning my network, and I'm going to be turning my current server into a router (it's a 400MHZ PII, so it's a little slow for servering). I've gotten a couple of books on netqork security, and am fairly certain that I'd like to use IPTables, a stateful firewall, as well as proxies for the common internet protocols (just http to start with). So the question is, can all of these be deployed on the same machine, and would it be worthwhile to put SNORT on this machine as well?
Is there a good opensource stateful firewall? Where can I get it? For the LFS folks, have any of you run it on LFS 6.0? Is there good documention on how to set it up? Do any of you know a good location for a configuration howto for IPTables, Snort, and Apaches modproxy? Also could someone please point me to a routing/gateway howto? My wireless network is going to connect to this machine as well, also it needs to be able to handle serving to a remote dialup. Speaking of which, does anyone know how to get ntop to watch any ppp sessions? I can get it to watch any that are active at the time the daemon is launched, but beyond that it ignores them. -- http://linuxfromscratch.org/mailman/listinfo/lfs-chat FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
