CentOS - Jul 2005 - Re: Low RAM -- Security Appliance distros ...

From: User Lists <clopmz at yahoo.com>
> Thak you for your responses.
> I will use CentOS-3 as a firewall..
Nothing against CentOS as a firewall, but you might
consider a distro that is more focused as a plop'n drop
"security applicance" distro:  
  http://www.ipcop.org  

4-zone segmentation (WAN, DMZ, LAN, WLAN)
Integrated real-time and statistical logging, Snort IDS, etc...
PPPoA/PPPoE, VPN, IPSec, DHCP
DDNS, Internal DNS, Squid Proxy server

Unless you want to learn how all the components work.
And even then, I'd edge you towards something like Gentoo.


--
Bryan J. Smith   mailto:b.j.smith at ieee.org

Bryan J. Smith <b.j.smith at ieee.org> wrote:
> From: User Lists <clopmz at yahoo.com>
> 
>>Thak you for your responses.
>>I will use CentOS-3 as a firewall..
> 
> 
> Nothing against CentOS as a firewall, but you might
> consider a distro that is more focused as a plop'n drop
> "security applicance" distro:  
>   http://www.ipcop.org  
> 
> 4-zone segmentation (WAN, DMZ, LAN, WLAN)
> Integrated real-time and statistical logging, Snort IDS, etc...
> PPPoA/PPPoE, VPN, IPSec, DHCP
> DDNS, Internal DNS, Squid Proxy server
> 
> Unless you want to learn how all the components work.
> And even then, I'd edge you towards something like Gentoo.
There are also some very good products on the BSD side.

m0n0wall: http://m0n0.ch/wall/ (I personnaly use it.  Very good product)
PFSense:  http://www.pfsense.com/ (alpha software, but has more
components than m0n0)

hth

UGo

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Jul 19, 2005 at 06:27:37PM -0400, Bryan J. Smith <b.j.smith at
ieee.org> wrote:
> From: User Lists <clopmz at yahoo.com>
> > Thak you for your responses.
> > I will use CentOS-3 as a firewall..
> 
> Nothing against CentOS as a firewall, but you might
> consider a distro that is more focused as a plop'n drop
> "security applicance" distro:  
>   http://www.ipcop.org  
> 
> 4-zone segmentation (WAN, DMZ, LAN, WLAN)
> Integrated real-time and statistical logging, Snort IDS, etc...
> PPPoA/PPPoE, VPN, IPSec, DHCP
> DDNS, Internal DNS, Squid Proxy server
> 
> Unless you want to learn how all the components work.
> And even then, I'd edge you towards something like Gentoo.
I have been using linux-based firewall for some time now.
Tried IpCop twice, since it would help simply the whole process.
Gave up. It simply doesn't provide with enough flexibility or
customization, without going into more trouble than I would have
using a "generic" distro (RedHat, Conectiva, CentOS etc).

Of course, I do need a high degree of customization, so your mileage
will vary.

Installed a CentOS firewall today, btw. Worked like a charm.

[]s

- -- 
Rodrigo Barbosa <rodrigob at suespammers.org>
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFC3uRspdyWzQ5b5ckRArmfAJ0XBhkaegIQkKXaCuG8O2QwNgPMagCffyIx
qOlu/dFlyor4CyHgEtP00g0=Wn6o
-----END PGP SIGNATURE-----