2005-04-01T00:57:51 Dominic Hilsbos: > I'm in the process of redesigning my network, and I'm > going to be turning my current server into a router > (it's a 400MHZ PII, so it's a little slow for > servering).
Sounds reasonable. > I've gotten a couple of books on netqork > security, and am fairly certain that I'd like to use > IPTables, a stateful firewall, [...] But you repeat yourself, iptables is a stateful firewall. > [...] as well as proxies for the common internet protocols (just > http to start with). So the question is, can all of these be > deployed on the same machine, and would it be worthwhile to put > SNORT on this machine as well? Yup, and yup. If you decide you wanna get gung ho on snort, plan on mastering oinkmaster, and scripting up stuff to automatically download ruleset additions and incorporate 'em into your config. > Is there a good opensource stateful firewall? Where > can I get it? For the LFS folks, have any of you run > it on LFS 6.0? Is there good documention on how to > set it up? iptables, comes with linux, iptable howtos. -Bennett
pgpmrUuw2XDec.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/lfs-chat FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
