Re: DSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 7/22/2003 13:36 -0400, you wrote:
Grouping the types of services you mentioned on one box makes sense.

FYI, the services I install on a home/SOHO/small-business firewall (typically a P100/32MB/1GB box running RH8.0 or RH9) are the following:


* Shorewall for firewall configuration (www.shorewall.net) and for masquerading the internal network for access to the outside

* Caching nameserver with forward and reverse resolution for the local network IP addresses (i.e. tom.domain.com -> 192.168.0.1 and 192.168.0.1 -> tom.domain.com), listening for requests only on the internal interface

* DHCP server (I'll learn how to do dynamic DNS updates via DHCP soon, I promise)

* NTP server

* Squid proxy, mostly for caching benefits, with Shorewall redirecting all port 80 requests to port 3128 so the whole thing is transparent

* Portsentry and a special script, which will dynamically block anyone who hits what I consider a hostile port and reallow the IP address a few days later so the blocked list doesn't get too long

* Tripwire, to keep track of whether some idiot replaced a key file.

* Opensshd for admin, webmin over SSL if others want to help admin


-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx


-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list

[Index of Archives]     [Fedora Users]     [Centos Users]     [Kernel Development]     [Red Hat Install]     [Red Hat Watch]     [Red Hat Development]     [Red Hat Phoebe Beta]     [Yosemite Forum]     [Fedora Discussion]     [Gimp]     [Stuff]     [Yosemite News]

  Powered by Linux