[plug] PPC firewall question
Chris Caston
caston at arach.net.au
Mon Sep 8 23:50:39 WST 2003
I don't think I've got any replies yet.
At the moment I'm just playing around sshing into the machine and
working out ipchains.I think I'm going with seawall at least to learn
more about it.
I should also mention that the machine is 200hmz with 32mb RAM.
I believe that seawall supports static NAT so will be looking into it.
Anyone know if seawall protects against "loose address source routing"?
I know this isn't going to be a Cisco Pix but I'd like to get it
reasonably secure.
regards,
Chris
On Mon, 2003-09-08 at 20:42, Chris Caston wrote:
> Hello,
>
> I have a Power Mac 7220 that I have recently used to install PPC Debian
> 3.0r1
>
> For some reason I could only boot the install from BootX (under Mac OS
> 8.5) using kernel ver 2.2. Trying to boot the install using 2.4 would
> freeze the system.
>
> Now that I have the system installed nicely I am reviewing my options
> for firewallage.
>
> I took a look over at shorewall
>
> (http://www.shorewall.net/)
>
> and it seems that as netfilter is built into the 2.4 kernel if I wish to
> remain with 2.2 I should use the Seattle Firewall or Seawall (interface
> to IPchains) (http://seawall.sourceforge.net/)
>
> I am very much a newbie to firewalls so will be learning in this
> experience.
>
> I plan to use slap my Billion BI-PAC 711CE ADSL modem in bridged mode.
> The Mac has two Digital 10/100 nics. One will be plugged into the ADSL
> modem the other into my Xnet 8 port switch.
>
> I will also be using the PPC machine for NAT/DHCP (of course) and I may
> also install apache at a later date.
>
> What do you think it the best option for a firewall?
>
> Should I use the Seattle Firewall (seawall) or update the 2.4 (can this
> be done on this machine?) and use netfilter? Or suggest a better option.
> (:
>
> regards,
--
Chris Caston
Director
Aptitude Technology
http://www.aptitudetech.com.au
ABN: 51614966828
ph: (08) 9443 9418
mobile: 0422 978315
chris at debian:~$ host security.microsoft.com
security.microsoft.com does not exist (Authoritative answer)
More information about the plug
mailing list