Koozali.org: home of the SME Server

Hackers/Crackers

heretic

Hackers/Crackers
« on: August 09, 2001, 06:34:23 AM »
Hi all,
  I have recently learnt about the e-smith gateway machine, and it sounds very good.  But my question is, what does the ipchains firewall do? Does it block every port except ssh(22), smtp(25), and pop3(110)?  Is the firewall customizable?

Lastly, any security bugs in 4.1.2?  Anyone had experience of e-smith being hacked?

Just interested to know how security wise it is.. Thanks for your advice.

- Heretic

Dave

Re: Hackers/Crackers
« Reply #1 on: August 09, 2001, 08:59:46 PM »
4.1.2 is VERY secure, or at least as secure as you want it to be.  by default, everything but mail and web are nailed down pretty tight.  if i understand correctly, it uses a combination of ipchains and nat to get the job done, and completely foregoes bind, the biggest risk there is.  i'm VERY satisfied with it, and trust it more than i would a standard linux distribution configured to the hilt by ... well, me... ;-)

Patrick Basile

has it been tested? [Re: Hackers/Crackers]
« Reply #2 on: August 10, 2001, 06:43:11 PM »
Dave (and everyone else) -

I am a new user of e-smith server and so far I am VERY impressed - this is a GREAT product!  I am also wondering just HOW secure e-smith server actually is against hacks, etc.  It's reassuring to know it has been designed with tight security by default (Microsoft should take note of this!), but has it actually been tested by any 3rd party for security problems or holes?

I ask this because I'd like to begin to consolidate several of my domains (currently being hosted by providers) on my e-smith server here at my office instead of paying a monthly hosting fee.  Obviously I want to make sure that the e-smith server and my network are secure from hacks (at least 99.9% of them - I know NO system is 100% secure).  Also, is e-smith secure enough that it could be set up inside the router/firewall, or should it still be placed in a DMZ?

Thanks for listening.

Regards,
Patrick

noisiadetrotsid

Re: Hackers/Crackers
« Reply #3 on: August 11, 2001, 10:32:35 AM »
ipchains is amazingly configurable. It is based on chains of filters (hence its name as well as the newer implementation, ipfilters). Each of these filters can block or allow a specific protocol/packet size to or from any port, to or from any address/network/interface. These filters can then be chained together to form powerful rules controlling who or what gets access to or from your network. I have yet to see a more configurable firewall (if anyone knows of one, tell me. I'd appreciate it).
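
The chained, first-match filtering described in the post above, as an added example that is not part of the original thread and is not e-smith's actual ruleset: a small Python model of an ipchains-style input chain that jumps to a user-defined chain and falls back to a default policy. The chain name `public`, the interface names and all addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    target: str                  # ACCEPT, DENY, or the name of a user-defined chain
    proto: str = "any"
    src: str = "0.0.0.0/0"
    dports: tuple = (0, 65535)   # inclusive destination port range
    iface: str = "any"

    def matches(self, pkt):
        return (self.proto in ("any", pkt["proto"])
                and self.iface in ("any", pkt["iface"])
                and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and self.dports[0] <= pkt["dport"] <= self.dports[1])

def walk(chains, name, pkt):
    """Return the first matching rule's verdict, or None if the chain falls through."""
    for rule in chains[name]:
        if not rule.matches(pkt):
            continue
        if rule.target in chains:            # jump into a user-defined chain
            verdict = walk(chains, rule.target, pkt)
            if verdict is not None:
                return verdict
            continue                         # no match there: resume in the caller
        return rule.target
    return None

def decide(chains, policy, pkt):
    """Verdict for a packet entering the input chain; the policy is the fallback."""
    return walk(chains, "input", pkt) or policy

# Constructed ruleset: eth0 = internal LAN, eth1 = external; addresses are documentation ranges.
CHAINS = {
    "input": [
        Rule("ACCEPT", iface="eth0"),
        Rule("public", proto="tcp", iface="eth1"),
    ],
    "public": [
        Rule("ACCEPT", proto="tcp", dports=(25, 25)),
        Rule("ACCEPT", proto="tcp", dports=(110, 110)),
        Rule("ACCEPT", proto="tcp", src="192.0.2.0/24", dports=(22, 22)),
    ],
}

def pkt(proto, src, dport, iface):
    return {"proto": proto, "src": src, "dport": dport, "iface": iface}
```

Calling `decide(CHAINS, "DENY", pkt("tcp", "203.0.113.9", 22, "eth1"))` shows the fall-through case: the packet enters `public`, matches nothing there, returns to `input`, and is finally handled by the default policy.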

Engelmann Florian

Re: has it been tested?
« Reply #4 on: August 11, 2001, 02:35:34 PM »
e-smith is based on RH 7.0. All security fixes for the RH distribution are included in the e-smith distribution - so it is tested by many linux systems using RH 7.0.
I have been running an e-smith server for 6 months (only 1 reboot) in a DMZ - the logfiles show me many attacks - but still no success ;)

Steve

Re: has it been tested?
« Reply #5 on: August 11, 2001, 10:08:16 PM »
What logs did you check to determine attack status?

Dan Brown

Re: has it been tested?
« Reply #6 on: August 12, 2001, 02:37:45 AM »
noisiadetrotsid, if all you're looking for is a firewall, you may want to check out Astaro Security Linux at www.astaro.com.  It may be a more flexible/easily configurable firewall than e-smith.  However, it doesn't provide the file/web/print/ftp/mail servers that e-smith does.

I have no interest in Astaro, and I love my e-smith box, but Astaro may be a worthwhile alternative on the firewall end of things.

Sam Morgan

Re: has it been tested?
« Reply #7 on: August 12, 2001, 07:01:12 AM »
If we are going to speak of firewalls for our e-smith boxes...
my 2 cents goes to Smoothwall

Sam Morgan

Josh

Re: has it been tested?
« Reply #8 on: August 13, 2001, 08:37:04 AM »
I use a hardware router, but installed Astaro and I was *very* impressed by it. Nice web-based interface too, so you can configure it from any of your Windoze machines...

--Josh

Tyrone Miles

Re: has it been tested?
« Reply #9 on: August 16, 2001, 07:07:22 AM »
I like Netmax. They have a very good VPN server; also they have firewall servers, file servers, web servers. (If you buy one you get all the features of the others but you have to buy the keys to open up the web configure tool for the other products.) But the firewall is top notch..