Re: Building Debian firewall

To: debian-firewall@lists.debian.org
Subject: Re: Building Debian firewall
From: Adric <adric@adric.net>
Date: Mon, 28 May 2001 18:53:56 -0400
Message-id: <[🔎] 3.0.6.32.20010528185356.0091e100@adric.net>
In-reply-to: <[🔎] 20010528234604.M41544@chimie.u-strasbg.fr>
References: <[🔎] NFBBIAHMCLHLOPCAOGFNMECKCBAA.mercyground@ntlworld.com> <2.2.32.20010528164947.00c7bccc@[192.168.1.23]> <[🔎] NFBBIAHMCLHLOPCAOGFNMECKCBAA.mercyground@ntlworld.com>

Re: auto apt, reiser, and other things we might better not do an firewalls

I've been conflicted about whether to use Debian or OpenBSD
(and now EmBSD) for some nearly-embedded firewall stuff
I'm hacking on.  Here's the way I'd love for it to work
with debian:
	install from woody/sid, rm stuff, install ness. debs
	(I'd like to use reiser for unattended reboots, 
		so I'm watching that thread)
	config 2.4.x iptables for no spoofing and stateful
	(other fun box hardening tricks ..)
	use LIDS (?!) to lock down the system so even root/uid 0 can't
		fsck things up

	every month or more often as needed, I ssh in to these things,
		auth to LIDS to gain write access and apt in hotfixes, 
		checking md5 and gpg (!),poke around a bit and then lock
		it back down, log out ..

Since none (?) of those nifty things are ready for production yet, 
then plan is to use EmBSD /OpenBSD, but I'd be quite interested in your
comments.. particulary about LIDS

-adric (post echoed on my LJ)

Reply to:

Follow-Ups:
- Re: Building Debian firewall
  - From: Kirk Schroeder <kirkschr@pacbell.net>

References:
- RE: Building Debian firewall
  - From: "Mercyground" <mercyground@ntlworld.com>
- Re: Building Debian firewall
  - From: Ray Olszewski <ray@comarre.com>
- Re: Building Debian firewall
  - From: Guy Brand <guybrand@chimie.u-strasbg.fr>

Prev by Date: Re: Building Debian firewall
Next by Date: Re: Building Debian firewall
Previous by thread: Re: Building Debian firewall
Next by thread: Re: Building Debian firewall
Index(es):
- Date
- Thread