Re: is iptables enough?
Hello,
On Wednesday 19 March 2003 11:44 am, Jones wrote:
> I am planning to replace a (dead) Windows 2000 computer that was used
> as a web server and email server with a Debian Linux solution. This
> machine is connected to the net via DSL and would run apache and
> exim/qpopper and sshd. Everything else would be turned off. It is a
> small church and their current site is not very busy, but she says
> they do get a lot of email.
I would imagine that their 'lot of email' will be quite negligible to whatever
server you can come up with.
> Am I right in assuming that iptabes is enough as a firewall solution
> and that I would not need to buy any additional software. That is
> what I understand from my past experience with Debian/iptables as a
> server and from the files at debian.org security howto at
> (http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html)
Absolutely. Dedicated firewall hardware in such a small installation would
seem ridiculously paranoid, to me. I'm not even sure what "additional
software" you could consider.
> On a less related note, what hardware config would you recommend for
> such a system? She has a number of machines that I could choose
> from. Most of them are 1.x Ghz Pentium systems with 256MB RAM and 10
> GB IDE hard drives. After increasing the RAM to 512MB, I think this
> should more than adequate for a system doing nothing but HTTP and
> SMTP/POP requests.
I'd say even without any additional RAM, you will be home free. Doubling it
will make it fly, but I strongly doubt you will see any noticeable swapping
at 256. The actual requirements of the installation you're describing are
ridiculously small.
Good luck, and happy Debian-ing!
- Keegan
Reply to: