[ale] best dist for firewall?

Transam transam at cavu.com
Thu May 2 12:53:59 EDT 2002 

> I'm setting up a firewall on a 120mhz, 16meg machine.  I'd like to run
> iptables, snort/acid and a mysql db to store the snort info.

> Any recommended distros?  It'd be nice to get something minimal (possibly
> tightened) but with the 2.4 kernel (for the stateful firewalling
> capabilities).  I considered Slackware or Debian and then upgrading
> the kernel, but the thought of compiling on a 120mhz machine is not
> a happy one.  Considering Peanut as well, but it seems to be heavily
> configured for the desktop.  I guess it's a last resort.

Slackware 8.0!  I've found Slackware FAR less buggy (both in security bugs
and in annoying operational bugs) than either Red Hat or Mandrake and far
easier to install.  It also requires FAR less security patches and thus
yields a lower-maintenance system.  Some of this is due, I think, to their
interest in the best disribution rather than the most money and easiest
and most toys (sound familiar).  Some of it is due to less "stuff" on it.
However, you certainly do NOT want a lot of extra junk on a Firewall.

Sheesh.  RH7.1 did not even ship with a working IP Tables.  I had to
download a working kernel and configure and compile it.

I run Slackware on my Laptop and love it.  I use Red Hat on my desktop
only because it is the most popular distribution with my clients and
the friend who built my desktop put it on and I was too lazy to install
Slackware over it.  (Installing Red Hat over a running Slackware system
would have been just as much work and certainly greater than zero.)

Any Set-UID or Set-GID program is a security risk.  When I build a Firewall
I turn all of that stuff off.  X always is first on my list and GPM is
second!

> Thanks as always,

> John

Bob Toxen
transam at cavu.com                       [Bob's ALE Bulk email]
bob at verysecurelinux.com                [Please use for email to me]
http://www.verysecurelinux.com         [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com/ [My 5* book:"Real World Linux Security"]
http://www.cavu.com/sunset.html        [Sunset Computer]
Fly-By-Day Consulting, Inc.      "Don't go with a fly-by-night outfit!"
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list