Newbie

[Chris]

On Fri, 22 Feb 2008 16:33:07 -0800
David Vincent <dvincent at sleepdeprived.ca> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Chris wrote:
> > On Fri, 22 Feb 2008 15:40:11 -0800
> > Rich Rudnick <rich at aphroneo.net> wrote:
> > 
> >> Donald wrote:
> >>> Greetings,
> >>>
> >>> I'm a Windows sysadmin who is new to Ubuntu. My son has been
> >>> busting my chops to give it a look and I recently acquired a Dell
> >>> 2650 that I would like to configure as a firewall for my network.
> >>>
> >>> Knowing next to nothing about the OS I was hoping someone could
> >>> point me in the right direction where I might find some literature
> >>> and how-to information that would assist me in this endeavor. My
> >>> son simply gushes over Ubuntu and having seen the workstation
> >>> version on his PC, I must admit that it appears very
> >>> user-friendly. 
> >>>
> >>> At $1000.00+ for an entry-level SonicWall firewall (that my
> >>> secadmins insist is not a "real" firewall) and upwards of $5000.00
> >>> for a CheckPoint solution, not to mention license fees, a
> >>> Linux-like implementation simply makes good sense. A security
> >>> consultant friend of mine swears that a rock-solid implementation
> >>> is possible; I just need a little guidance. 
> >>>
> >> You could install a full fledged linux OS and configure it as a
> >> firewall, but you might find http://smoothwall.org/ more useful as
> >> a dedicated installation.
> >>
> > 
> > I agree here, if you have a low-end box, install smoothwall. Use the
> > new Lappy for YOUR install of Ubu (or what ever *nix you wish to
> > play with).
> 
> one thing about smoothwall which is starting to bother me is the lack
> of security on the login page - no https thus an attacker can sniff
> the admin password off the wire and then gain access to the firewall.
> that's bad.

... that's assuming you are accessing the admin from outside the local
network. It's prolly not wise to allow something like that.

for example, I can admin my routers etc from within my own net, but
it's shutoff on the wan side. I have to assume that smooth has the same
option.


> endian firewall is more secure and also takes more effort to setup -
> it is an offshoot of smoothwall.  check it out.
> 
> http://www.endian.com/en/community/

I can't comment on the above.



-- 
Best regards,
Chris

I'd love to help you -- it's just that the Boss won't let me near the
computer. 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20080222/87297d11/attachment.sig>