How to replace the windows server wiht a more secure linux..

[scientica]

I'm in the process of evalutaing the possibillity to transform a windows server based network to a linux server based, I'd like to hear some advices, recomendations, HOWTO links and "how to do it", the server must be able to do the following things:

• work as a proxy/firewall (allow the basic protocols (http,ftp, mail (POP3 & SMTP) etc) in and out), so that several compoters can share the connection which the server is plugged in to (the server has two ethernet cards, one connected to a ADSL modem, the other to the network switch)
• act as a file server, to day it's just a disk which is shared and contains all the stuff like drivers and so. And every user has a little private share on an other disk, accessible only to the user.
• logon server, there are a few windows machines in this network which logons to the server, the linux machines in the network currenlty logs on to them selves and connectes to the samba server and proxy after logon
• Printer server, two printers are connected to the server and shared (was a pain in the *$$ to get to work with the linux machines)

Based on the information that I've fopund is that the solution to the conection sharing is via IP Masqurading with a firewall (like PMFirewall or gShield). Is this a secure way or do you recommend an other apporach?

As for file sharing, I've got basically no idea, samba is an option, but as I've been having a ahrd time trying to configure it I'd like a more easy configured method, which used the user/group database of the server, which leads to the next point.
The clients will log on to the server, both windows and linux machines, but as I don't know anything about remote logon for linux machines I need pointers to some good basic HOWTO. First of all is there any way to make a windows machine logon to a linux server?

Lastly, the server has two printers connected to it, what printer manager will work on the network so that windows based computer can send (and successfully print) job to them?

Thank you for taking your time to read this.

[andutt]

Of course you can solve this by using linux instead of windows servers.. and on the way you are gona save a bunch of money. For internetsharing in think you shall use squid as a proxy server which is a SOCKS 5 server that your users can reach internet from (it support protocols above), use a IPtables chains also or/also grsecurity to tighten up security.

Samba instead of a windows PDC/BDC where your NT-users can logon thru, also use samba for printer and filesharing. Thats its purpouse and its very easy to set up and good on doing that.

I think you can use cups for printing but that i am unsure of, i recommend you to read up on that.

Maybe something like this...

Code:

internet
   ^
--------------------------------------------
|Linux box with iptables and grsecurity, act as firewall|
----------------------------------------------------------------
|Linux box with iptables and grsecurity and squid-proxy|
-----------------------------------------------------------------
|Internal network|
-----------------------------------------------------------------

-----------