Linux Ware #19 (Firewalls)
in [Freeware]
|
From: Whirled.Peas on 28 Jun 2010 07:52 The Linux Ware Weekly #19 Welcome to the Linux Ware Weekly, a series of posts intended to introduce Linux users to software they may find useful for completing their various tasks. Each week I plan to bring you a list of applications that are suited to a certain task. I don't guarantee that the lists will be exhaustive by any stretch. In fact I can guarantee that I will probably overlook several applications since there are so many different programs written for Linux and forks upon forks of the popular ones. This week we are going to look at firewall distros. Many people are running small home networks with multiple computers. Maintaining security on those computers can be cumbersome and time consuming if you are trying to maintain a separate firewall on each device. Sure, if all you have is one computer and you're running Linux, you don't need anything beyond iptables. If setting up the chains and rules makes your head swim, there are gui interfaces for iptables that greatly simplify matters. However, if you have multiple computers, it makes sense to set up and old Pentium 2 or 3 machine to be a headless firewall appliance between your network and the internet connection. Relying on your router's NAT is not going to be enough for the security minded individual. For example, NAT does not do anything to block outbound packets from programs that wish to “phone home.” One of the areas in which Linux truly shines is in security. These firewall distributions are all easy to setup and configure. In an hour or two, you could have a solid firewall watching the incoming and outgoing traffic and allowing only what YOU wish to get through in either direction. I am including Distrowatch page links so you can browse the reviews given to each of these solutions (Where such reviews exist). ClearOS Homepage: http://www.clearfoundation.com/Software/overview.html Distrowatch page: http://distrowatch.com/table.php?distribution=clearos ClearOS is an integrated network server gateway solution for small and distributed organizations. The software provides all the necessary server tools to run an organization including email, anti-virus, anti-spam, file sharing, groupware, VPN, firewall, intrusion detection/prevention, content filtering, bandwidth management, multi-WAN, and more. Through the intuitive Web-based management console, an administrator can configure the server software along with integrated cloud-based services. m0n0wall Homepage: http://m0n0.ch/wall/ Distrowatch page: http://distrowatch.com/table.php?distribution=monowall m0n0wall is an all-in-one firewall software package that is based on FreeBSD. It is geared towards embedded PCs, but it also works on standard PCs. It includes an easy-to-use Web interface like commercial firewall boxes do. PHP is used instead of shell scripts, and the entire system configuration is stored in a single XML-formatted file. There is support for VPN, traffic shaping, captive portal, VLANs, and more. Astaro Security Gateway Homepage: http://www.astaro.com/ Distrowatch Page: http://distrowatch.com/table.php?distribution=astaro Astaro Security Gateway is an all-in-one network security gateway that includes a firewall, intrusion protection, virus protection, spam protection, URL filtering, and a VPN gateway. Features include stateful packet inspection, deep packet filtering, intrusion detection and prevention, portscan detection, content filtering, virus detection for email and Web traffic, profile handling, L2TP, IPSec, SSL, and PPTP VPN tunneling, spam blocking, proxies for HTTPS, HTTP, FTP, POP3, SMTP, DNS, VoIP, SOCKS, and Ident, logging, and reporting. It supports Ethernet, VLAN, PPP, PPPoE, PPPoA, Cable Modem, QoS, Link Aggregation, WAN-Uplink- Loadbalancing in routing, and bridge mode. The WebAdmin, the Install Wizard, and Up2Date service make it easy to install, manage, and update. Endian Firewall Homepage: http://www.endian.com/en/community/ Distrowatch Page: http://distrowatch.com/table.php?distribution=endian Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN. IPCop Homepage: http://sourceforge.net/apps/trac/ipcop/wiki Distrowatch Page: http://distrowatch.com/table.php?distribution=ipcop IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed. After seeing the direction certain Linux Distributions were heading in, a group of dissatisfied users/developers decided that there was little reason for the idea of a GPL Linux Firewall Distribution of such potential to be, simply, extinguished. By implementing existing technology, outstanding new technology and secure programming practices IPCop is the Linux Distribution for those wanting to keep their computers/networks safe. The IPCop Linux Team is dedicated to doing the very best job possible to keep your systems safe, as you can see on our site. "The Bad Packets Stop Here!" IPFire Homepage: http://www.ipfire.org/en/index Dtstrowatch Page: http://distrowatch.com/table.php?distribution=ipfire IPFire is a Linux firewall distribution that is built from source and comes with lots of additional features. It is easy to set up and administer. It features a firewall with stateful inspection, a content filtering engine, traffic control (QoS), VPN technology, and a lot of logging. Smoothwall Express Homepage: http://www.smoothwall.org/ Distrowatch Page: http://distrowatch.com/table.php? distribution=smoothwall SmoothWall Express is a network firewall, designed with home and small business users in mind. It is based upon a security-hardened subset of the GNU/Linux operating system and is completely free to use, download, and distribute. SmoothWall Express offers facilities and features normally only seen in expensive commercial offerings. Untangle Homepage: http://www.untangle.com/ Distrowatch Page: http://distrowatch.com/table.php?distribution=untangle Untangle is a Linux-based network gateway with pluggable modules for network applications like spam blocking, Web filtering, anti-virus, anti- spyware, intrusion prevention, VPN, SSL VPN, firewall, and more. pfSense Homepage: http://www.pfsense.org/ Distrowatch Page: http://distrowatch.com/table.php?distribution=pfsense pfSense is a m0n0wall-derived operating system platform with radically different goals, such as using Packet Filter, FreeBSD 6.x (or DragonFly BSD when ALTQ and CARP is finished) ALTQ for excellent packet queueing, and an integrated package management system for extending the environment with new features. Coyote Linux Homepage: http://coyotelinux.com/ Distrowatch Page: http://distrowatch.com/table.php?distribution=coyote Coyote Linux is a mini distribution designed for setting up network utility services such as Internet connection sharing, firewalling, or wireless access points. The goal is to make it as quick and easy as possible to set up a Linux system with only a minimal amount of Linux knowledge. -- If you try, you can envision peas on earth.
From: Nemesis on 28 Jun 2010 14:55 On Mon, 28 Jun 2010 11:52:45 +0000, Whirled.Peas wrote: > The Linux Ware Weekly #19 > This week we are going to look at firewall distros. I use Brazilfw (coyote was abandoned, this is a later version) as my router, on an old K6400. It runs in about : total: used: free: shared: buffers: cached: Mem: 64151552 7413760 56737792 0 0 3022848 Very little memory, does not need a harddisk,floppy, a monitor or a keyboard , and can be configured remotely. I run it off a CDRom, so it cannot be permanently hacked. Reboot and changes are cancelled. http://www.brazilfw.com.br/forum/index.php Using version 2.30.1, as a link to my wireless ISP. []'s
From: Whirled.Peas on 28 Jun 2010 17:43 On Mon, 28 Jun 2010 18:55:41 +0000, Nemesis wrote: > On Mon, 28 Jun 2010 11:52:45 +0000, Whirled.Peas wrote: > >> The Linux Ware Weekly #19 >> This week we are going to look at firewall distros. > I use Brazilfw (coyote was abandoned, this is a later version) as > my router, on an old K6400. I wasn't sure. I had thought coyote had gone inactive, but distrowatch lists it as active, and the homepage shows an update from April of this year. The "about" page indicates that the original floppy disk version has been continued as Brazil FW and seems to imply that coyote is still in development. Admittedly, I am not very familiar with the project. I've always been a fan of m0n0wall and Endian. -- If you try, you can envision peas on earth.
|
Pages: 1 Prev: [UPDATE] Zindus v 0.8.20 Next: Saving Openoffice 3.x as 2.4?? |