LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-10-2001, 03:16 PM   #1
fenris@bu
LQ Newbie
 
Registered: May 2001
Posts: 18

Rep: Reputation: 0
Stripped Firewall


I am in the process of building a firewall. I do not need access to this machine...and it will do nothing but be a firewall/Router runnign IP Masq. It will log to a remote machine. Do you guys think it is a good idea to go through and remove all the stuff like compilers (gcc, etc) and the shells /sbin/sh, bsh, ksh, csh. It seems to me that if I did this, breaking into the box would do nothing....because it would have no way to do anything other than route packets.... I want to harden this thing as muchg as possible..I mean NO access to the actual system....I want it to be nothing but a means to send my cable modem to the other machines. I'm tlakin kill everything thats not ABSOLUTELY neccesary for it to route packets. what would I have to leave? exactly what programs do I need?



Rich
 
Old 07-10-2001, 08:35 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
I agree such a box should be stripped of unnecessary accounts, services, binaries, dev tools etc etc. But have u looked at LRP the Linux Router Project? They provide sources to build & configure one. Could be a good starting point/blueprint on how to handle this me thinks.

I was playing way time ago with GNATBox which ran off a floppy, now Im wondering if theres a distro thatll run a router/fw off a cdr. If logging goes to a remote u wouldnt need an HD, but maybe thats another way for me to say Im braindead by now :-]
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Need Stripped Down Kernel JohnFM3 Linux - General 6 06-02-2005 10:47 PM
stripped/non-stripped binaries spuzzzzzzz Linux - General 4 02-13-2004 06:11 AM
Stripped down shell. homerz Programming 3 11-07-2003 01:02 PM
stripped down Linux? JustinBrown Linux - Software 12 07-25-2003 12:02 AM
Stripped||not stripped Cyth Linux - General 4 11-20-2001 01:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:10 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration