Re: Are these machines up to it?
Keith O'Connell <keith_oconnell@blueyonder.co.uk> wrote on 22 Mar 2002
14:39:21 +0000:
Over the com[m]ing months I am starting a "teach-your-self" program. I
am learning more of linux than just a desktop. I have a small lan at home
for my wife, daughters and myself. The three of them use WinXP, and I
have a desktop of myown running stable and a file server for all of
us, also running stable.
I now have come by two old machines that I want to employ, but before
I throw mt self at it, I want to know if they are up to the task, and
also if they are, will they lik[le]y remain suitable for the tasks as
new versions of software are released
1: I have a 133MHz pentium, 1Gb disk and 32Mb ram. I want to use this
as a firewall.
Overpowered for the purpose, likely to be good for it for many years. Have
you considered OpenBSD for the firewall box? There are also the "hardening"
scripts for Debian, plus security kernel patch(es).
OpenBSD (famed well-tested security):
[http://openbsd.org/]
"Hardening" packages (kernel patches):
[http://packages.debian.org/testing/devel/kernel-patch-2.4-lsm.html] (or)
[http://packages.debian.org/testing/devel/kernel-patch-2.4-grsecurity.html]
Kernel packages:
[http://packages.debian.org/testing/devel/kernel-source-2.4.18.html]
[http://packages.debian.org/testing/misc/kernel-package.html]
(these all will drag in additional dependencies)
(kernel recompilation needs much other tools)
"Hardening" packages (scripts or programs):
[http://packages.debian.org/testing/admin/harden.html]
[http://packages.debian.org/testing/admin/harden-environment.html]
[http://packages.debian.org/testing/admin/harden-localflaws.html]
[http://packages.debian.org/testing/admin/harden-remoteflaws.html]
[http://packages.debian.org/testing/admin/harden-remoteaudit.html]
[http://packages.debian.org/testing/admin/harden-clients.html]
[http://packages.debian.org/testing/admin/harden-servers.html]
[http://packages.debian.org/testing/admin/harden-tools.html]
[http://packages.debian.org/testing/admin/bastille.html]
[http://packages.debian.org/testing/non-us/nessus.html]
[http://packages.debian.org/testing/non-us/nessusd.html]
(these all will drag in additional dependencies)
"Hardening" packages (documentation):
[http://packages.debian.org/testing/admin/harden-doc.html]
[http://packages.debian.org/testing/doc/lskb.html]
[http://packages.debian.org/testing/doc/lasg.html]
Obviously, refer generally to this:
[http://www.debian.org/doc/manuals/securing-debian-howto/]
(this is in package [harden-doc], read on-line here if you wish instead)
Also consider highly experimental kernel patches as desired (read):
[http://lwn.net/2002/0314/a/2.4.18-mcp3-WOLK.php3]
(Apply important non-security kernel patches first, one by one with testing,
then apply quirky and funky security patches one by one with testing, then to
add one by one with testing any minor non-security patches).
2: Also an 400MHz AMD K6-2, 6Gb disk and 80Mb ram. This is to be a
name server and an email server
Yes, it is good. I'll assume you don't have an exended family who will
recieve
and send 200,000 email messages per day. ;^]
Give it enough swap space (160M perhaps). Extra memory is always good no
matter what anyway, just to giggle as speed grows greatly (given motherboard
can cache extra memory, as many older motherboards are limited that way).
Neither of them will have X on them, so what I need to know is;
a: they are not up to the tasks
b: they are just up to the tasks
c: they are easily up to the tasks
If the answer is a: or b:, what could be done to improve the
situation. Asking a lot in a single message, but I dont want to start
then find that they just won't do the job(s)
Debian (and all Linux) needs "pre-qualifier" [Windows/Linux/etc.] evaluation
software. Is on my vastly long to-do list. :)
(Please reply to list, keep discussion public).
Cheers, Meme Engineer
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
Reply to: