-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[CUT]
> A misconfigured firewall is functionally identical with NO firewall
> in the areas where it's misconfigured.
That is exactly my worry.
[CUT]
> If you really want to turn it into a Firewall, try using a
> pre-rolled Linux firewall distribution, such as IPCop, SmoothWall,
> etc. Or, if you can stand to make mistakes, you could try using
> ShoreWall on a Redhat distribution, or try one of the BSDs. You'll
> learn more from Shorewall or a BSD, but you're also much more
> likely to make a major mistake, if you don't really know what
> you're doing. IPCop V1.3 uses IPTables, and is a "prerolled" Linux
> Firewall; it's all set to go
> out of the install in most cases. You can then tinker to your
> heart's content to get it just the way you want. You can't,
> however, add
> other apps easily, and it's JUST A FIREWALL. If you want something
> else, you might try Clark Connect, or Mandrake SNF, or some such,
I can evaluate all the name you have indicated; the issues is that I
am interested to use the PC as both the firewall and a Linux box to
use to learn it (read next paragraph).
> but be aware, anything you ADD to a firewall is a potential
> security hole.
I understand the risk; as a metter of fact I have to decide exactly
if it is better to dedicate the (old) computer EXCLUSIVELY for
firewall or EXCLUSIVELY to "play" (exercise/learn) with Linux.
In the second case, I would like to know if it would be better,
instead to put it (the PC I have planed to use as a firewall) between
the cable modem and the new PC, to put it beyond the new PC (the one
with WinXP) and keep this one (the new one) connected to the cable
modem with the two desktop firewall I have, ZoneAlarm and McAfee
Firewall 4; consider that I know better how to keep updated a Windows
box than a Linux box (the OS itself, the firewalls, tha AV and the
other apps that may constitute a hole if unpached) and since the
Windows box will be the main PC for daily use I can realize faster if
something is going wrong (craked/virus/trojan/etc.).
Di Fresco Marco
ICQ #51985192
|---------------------------------------------------------------------
|--|
| Spock (Court Martial - TOS): If I let go a hammer on a planet
| having | a positive gravity, I need not see it fall to know that it
| has, in | fact fallen.
|
|---------------------------------------------------------------------
|--|
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
iQA/AwUBPznE/7hjIctyb3++EQLnmgCdHoAecn98o/66EIwXn52ze4OBPP8An1XX
w6Vd2xbtoeI8QjH5dYCp4Nbe
=pB2x
-----END PGP SIGNATURE-----
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
