Sudhir rearranged electrons thusly:
> I suppose a firewall on RedHat 6.2 should be ok for this kind of
> connection. And, how can I go for a static IP ?
OK - here's a _very short_ howto on this
1. Do a custom install - and DONT INSTALL X WINDOWS / LINUXCONF. Leave only a
skeleton set of services running here.
2. Upgrade nearly everything on that box (or install something like Mandrake
7.2, or preferably, Debian / Slak 7.1 / BSD, all of which have far more recent
packages). Priority - upgrade the kernel (to 2.2.17 or 2.2.18), sendmail (to
8.11.2, or switch to exim / postfix / qmail), bind, the pop daemon etc.
(ftp.redhat.com and other mirrors, such as my favorite
download.sourceforge.net/pub/linux/redhat have an updates directory where you
can get all this)
3. Chroot a few packages such as Bind and POP3
4. Use ipchains to restrict / block access to ports / services.
http://www.linuxmafia.org (or .com I forgot) has an ipchains based firewall
called GShield. Use it (and something like Bastille as well). To check for
open ports, nmap / saint / satan scan your machine from outside.
That should do for a start. Detailed howtos are a dime a dozen on the net, so
I wont reinvent the wheel in this post.
As for a static IP, it's easy - ask spectranet, pay a little extra possibly.
Then bring up two eth cards on your box - one with a localnet (rfc 1918)
address like 10.xx.xx.xx and the other with your public IP :)
--suresh
--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin
"What separates normal people from kooks is how they react when people disagree
with them or tell them "NO" <-- Ron Ritzman on news.admin.net-abuse.email
----------------------------------------------
LIH is all for free speech. But it was created
for a purpose. Violations of the rules of
this list will result in stern action.
