Yeah, this used to have "roaring penguin" on it, and was my firewall to the outside world. Until I ditched DSL, and went to cable. Then I kept the config for a few years, until I went to FiOS... Their Actiontek router looks to have pretty good rules, and they don't allow a lot of stuff on "normal" ports, so I changed configs and pushed him back behind the firewall. So he has his own firewall inside the firewall, and things have to go through non-standard ports to get there, so really, it's pretty secure. But yeah, this is my house. I share printers and file systems out to several rooms, both over a 100Mb switch and a 54Mb wireless connection. Http and sendmail talk over FiOS to the outside world, but the box only has a few users, so bandwidth isn't a big deal. -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of m.roth@xxxxxxxxx Sent: Tuesday, June 28, 2011 11:32 AM To: General Red Hat Linux discussion list Subject: RE: EXT :RE: Fedora Server? Burke, Thomas (ES) wrote: > RH6.2 ... not RHEL. Yeah, *that* old. > > I considered going to 8.0 when it came out, but never did it. No, you really should have gone to 9 (Shrike) - that was solid. I skipped 8, and went from 7.2 or 7.3 to 9. <g> > > I'm afraid my server might be nearing its last legs, and it's gained some > wonkiness recently (I think I have an impending HW failure), so I'm Yeah. I haven't needed one, being on just my own box, but I've just moved into a house, and will be setting up a network, so I am considering what to do: my current plan (forget the phone co's router) is to buy an appliance, as they say (an inexpensive firewall/router), and put tomato or dd-wrt on it, then run Bastille against *that*. It'll use a lot less electricity than even a small computer. > considering the upgrade to something new. Of course, this means I throw > away all my ipchains stuff and move to iptables (or whatever is en vogue, > these days), likely re-do my sendmail.cf, and several handfuls of other > scripts & apps to get it working, but.... iptables. It really is easier than ipchains. You might find this old article usefule <http://www.techrepublic.com/article/migrating-from-ipchains-to-iptables/1055287> > > Maybe it's worth it. I will say a lot of the defaults - as I said, I use CentOS - work right out of the box. For iptables, you can make permanent changes by editing /etc/sysconfig/iptables. You can see the current rules in effect by iptables-save, which dumps by default to stdout, like a good *nix program should. mark -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
