[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: My own Firewall ??

> On 10 Mar 2005, Jean-Michel Hiver wrote:
>>> These will make your experience *much* nicer. Then, use aptitude rather
>>> than apt-get to install and manage software.
>> Actually I disagree. I find aptitude quite horrible and
>> counter-intuitive.
> Well, to each their own, I guess. :)
> Can I ask, what is it that you don't like about it?  I like to
> understand why people don't use these tools so I can better recommend
> them to my clients according to (my expectations of) their tastes...
> [...]
>>> Oh, and I recommend using 'firehol', which is in /testing and
>>> /unstable,
>>> and is a wrapper around iptables.  It takes a lot of the hard work out
>>> of building a firewall, without stopping you doing anything that
>>> iptables can do.
>> Hey, we agree on that one :)
> *nod*  I have been pleased to see that my opinion of it is spreading
> through the community around here.  I am yet to find anything better.

I guess is a matter of preference regarding aptitude, and there is a good
support site for firehol at http://firehol.sourceforge.net/
Then, he will need to harden the kernel, no?  Enabling SElinux, etc in the
security section.  Or even adding other security patches to the kernel. 
For those things the kernel source needs to be downloaded as well.
-JM. ?Estos días azules y este sol de la infancia ?(Antonio Machado-1939)

Reply to: