Linux Firewall on FC1

Brian Fahrlander brian at fahrlander.net
Wed Sep 8 09:55:29 UTC 2004 

On Wed, 2004-09-08 at 03:36, usmany at excite.com wrote:
> Thanks guys for helping and advicing me on how to go about setting my
> DNS and DHCP on my previous post, now I need more insight on above.
> 
> What are the things needed, accept/activate on above, i.e. firewall.
> Fisrt, I rejected accepting ICMP while others are accepted...
> 
> Can someone help advice on what will be accepted and rejected on the
> firewall?

    I've been testing something new for me: a hardware firewall.  It was
$60 from Office Max, has no moving parts, and as far as I know, no ways
into it from the outside. (Same as a Linux firewall)

    I always preferred a Linux firewall, because it allowed me to do
_anything_ I wanted to with it: SNMP, port-knocking, portsentry to block
sites that get curious...but now with well over 100 viral-based
interrogations every day, and a THIRTY MINUTE firewall rule-reload, I
had to change my ways.

    This new box matches my cable modem- it's a LinkSys, and sits on top
of the modem.  And, for extra zeal, it's got a wireless (B) link on it
as well, so I can learn about wireless, finally.

    As much as I love tracking ports, it's becoming a point of
diminishing returns: so many 'attacks' and none of them, real.  But I
have the assurance of a company that it's solid, it's cheap, and I never
have to 'admin' the thing 'cause it lost a hard drive or anything.

    I'm thinking this _might_ be the direction you want to go. Very
simple to install, and one less thing to worry about.  And the newer
models (firewall/router with wireless _G_) are actually _running_ Linux
inside....and offer a lot of tweaks and such.

    Give it a try; it's very liberating!  (Save the low-end hardware for
font-serving and DNS boxes, etc.)
-- 
------------------------------------------------------------------------
Brian Fahrländer                  Christian, Conservative, and Technomad
Evansville, IN                                 http://www.fahrlander.net
ICQ 5119262
AIM: WheelDweller
------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040908/d266d8d7/attachment-0001.sig>

More information about the fedora-list mailing list