[ale] best dist for firewall?

Glenn C. Lasher Jr. glasher at nycap.rr.com
Fri May 3 14:28:22 EDT 2002



I will second this.  Slackware 8.0 is exactly the right distro for a
firewall.  Not only does it not suffer the operational and security issues
of RH, but it also even lets you pick --at install time-- what version of
kernel you want to run, and, if you pick 2.4.x, will let you set up
ReiserFS before installing.  We 'ave one.  Ees ver' nayze.


On Thu, 2 May 2002, Transam wrote:

> > I'm setting up a firewall on a 120mhz, 16meg machine.  I'd like to run
> > iptables, snort/acid and a mysql db to store the snort info.
>
> > Any recommended distros?  It'd be nice to get something minimal (possibly
> > tightened) but with the 2.4 kernel (for the stateful firewalling
> > capabilities).  I considered Slackware or Debian and then upgrading
> > the kernel, but the thought of compiling on a 120mhz machine is not
> > a happy one.  Considering Peanut as well, but it seems to be heavily
> > configured for the desktop.  I guess it's a last resort.
>
> Slackware 8.0!  I've found Slackware FAR less buggy (both in security bugs
> and in annoying operational bugs) than either Red Hat or Mandrake and far
> easier to install.  It also requires FAR less security patches and thus
> yields a lower-maintenance system.  Some of this is due, I think, to their
> interest in the best disribution rather than the most money and easiest
> and most toys (sound familiar).  Some of it is due to less "stuff" on it.
> However, you certainly do NOT want a lot of extra junk on a Firewall.
>
> Sheesh.  RH7.1 did not even ship with a working IP Tables.  I had to
> download a working kernel and configure and compile it.
>
> I run Slackware on my Laptop and love it.  I use Red Hat on my desktop
> only because it is the most popular distribution with my clients and
> the friend who built my desktop put it on and I was too lazy to install
> Slackware over it.  (Installing Red Hat over a running Slackware system
> would have been just as much work and certainly greater than zero.)
>
> Any Set-UID or Set-GID program is a security risk.  When I build a Firewall
> I turn all of that stuff off.  X always is first on my list and GPM is
> second!
>
> > Thanks as always,
>
> > John
>
> Bob Toxen
> transam at cavu.com                       [Bob's ALE Bulk email]
> bob at verysecurelinux.com                [Please use for email to me]
> http://www.verysecurelinux.com         [Network&Linux/Unix security consulting]
> http://www.realworldlinuxsecurity.com/ [My 5* book:"Real World Linux Security"]
> http://www.cavu.com/sunset.html        [Sunset Computer]
> Fly-By-Day Consulting, Inc.      "Don't go with a fly-by-night outfit!"
> Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
>
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.
>

glasher at nycap.rr.com
You've been programmed by the Illuminati not to see the word "".


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list