EXT :RE: Fedora Server?

Burke, Thomas (ES) tg.burke at ngc.com
Tue Jun 28 17:21:22 UTC 2011 

Yeah, this used to have "roaring penguin" on it, and was my firewall to the outside world.  Until I ditched DSL, and went to cable.  Then I kept the config for a few years, until I went to FiOS...  Their Actiontek router looks to have pretty good rules, and they don't allow a lot of stuff on "normal" ports, so I changed configs and pushed him back behind the firewall.  So he has his own firewall inside the firewall, and things have to go through non-standard ports to get there, so really, it's pretty secure.

But yeah, this is my house.  I share printers and file systems out to several rooms, both over a 100Mb switch and a 54Mb wireless connection.  Http and sendmail talk over FiOS to the outside world, but the box only has a few users, so bandwidth isn't a big deal.

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com] On Behalf Of m.roth at 5-cent.us
Sent: Tuesday, June 28, 2011 11:32 AM
To: General Red Hat Linux discussion list
Subject: RE: EXT :RE: Fedora Server?

Burke, Thomas (ES) wrote:
> RH6.2 ...  not RHEL.  Yeah, *that* old.
>
> I considered going to 8.0 when it came out, but never did it.

No, you really should have gone to 9 (Shrike) - that was solid. I skipped
8, and went from 7.2 or 7.3 to 9. <g>
>
> I'm afraid my server might be nearing its last legs, and it's gained some
> wonkiness recently (I think I have an impending HW failure), so I'm

Yeah. I haven't needed one, being on just my own box, but I've just moved
into a house, and will be setting up a network, so I am considering what
to do: my current plan (forget the phone co's router) is to buy an
appliance, as they say (an inexpensive firewall/router), and put tomato or
dd-wrt on it, then run Bastille against *that*. It'll use a lot less
electricity than even a small computer.

> considering the upgrade to something new.  Of course, this means I throw
> away all my ipchains stuff and move to iptables (or whatever is en vogue,
> these days), likely re-do my sendmail.cf, and several handfuls of other
> scripts & apps to get it working, but....

iptables. It really is easier than ipchains. You might find this old
article usefule
<http://www.techrepublic.com/article/migrating-from-ipchains-to-iptables/1055287>
>
> Maybe it's worth it.

I will say a lot of the defaults - as I said, I use CentOS - work right
out of the box. For iptables, you can make permanent changes by editing
/etc/sysconfig/iptables. You can see the current rules in effect by
iptables-save, which dumps by default to stdout, like a good *nix program
should.

       mark

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

More information about the redhat-list mailing list