A little firewall setup.
ok, i wanna set up a small linux distro (graphical a plus) to firewall my webserver behind a broadband connection. The pc i am going to use is an AMD k62 500, with 128mb sdram and 2 network cards. And i run xitami webserver under windows xp (i know, i know, but i also know windows+security=nothing, so linux is gonna be my firewall).
Im going to be running a POP3, SMTP and http server, as well as using VNC to remote control the server, with php, asp mySQL.
The setup will be as follows:
Cable Modem <--------> Linux Firewall <---------> Webserver
So can anyone reccomend a simple distro with a easy to configure firewall system.
BTW, What could be even better is if i ran the POP3 and SMTP server from this distro too, to lift a bit of strain of my poor windows box. Webmail would be nice. But as im a n00b the webmail would probabily have to bounceback through the servers unless its on a port other than 80. So any other hints would be nice ;)
You know, even if you set up a firewall in between, the clients are still connecting to the HTTP server. Therefore, any vulnerability in the HTTP server is still as exploitable as it has always been.
The only firewalling system for Linux is called iptables (these days, that is, previously it was ipchains and before that there was something else, but that was before I entered the scene). It's incredibly powerful but it might be a little hard to learn. You can first check out http://www.netfilter.org/. Netfilter is the underlying kernel technology that powers iptables.
The webmail doesn't have to be powered by the server that the mails are on. I don't know what technologies you have for that xitami (?) webserver, but for PHP there is squirrelmail, which connects to an IMAP server, which you can set up anywhere else.
For the "simple" part of the firewall:
You could try smoothwall: http://www.smoothwall.org/
or install a "standard" distribution, and have a look at some of the projects available here:
Here is another question
I have a router which my server plugs into and all of my computers.
The cable modem plugs into the router.
Can i set up a firewall with my server with that setup.
Im running a slackware system with apache and samba running on it.
Of course you can set up a firewall, but unless you configure something specific, I don't think that it will do much of a difference.