Author Topic: security and adsl  (Read 654 times)

richard.e.morton

  • Regular Poster
  • **
  • Posts: 39
    • View Profile
security and adsl
« on: August 11, 2008, 09:02:20 am »
Hi

I was hoping for a quick couple of answers. I have spoken to people on here about using two NICs and have been encouraged to use 2 NICs by tschak909.

So we have an Internal and an External NIC

Is LinuxMCE a Stateful Packet Inspection Firewall with the ability to customise rules?
Otherwise is it a NAT Router?

ok, if it is, can the external NIC be an ADSL modem (if I can get one that is supported in Linux), even though most do not appear as network cards? Has anyone tried this? IPCop support a couple of these

Thanks

Richard

tschak909

  • LinuxMCE God
  • ****
  • Posts: 5501
  • DOES work for LinuxMCE.
    • View Profile
Re: security and adsl
« Reply #1 on: August 11, 2008, 01:24:43 pm »
Since LinuxMCE is based on the Linux kernel, and we use a 2.6 variant of the kernel, iptables is used as the firewall.

iptables is a complete stateful inspection firewall.

Also, I would stick with hardware that can be identified by the kernel in Kubuntu 7.10

-Thom

richard.e.morton

  • Regular Poster
  • **
  • Posts: 39
    • View Profile
Re: security and adsl
« Reply #2 on: August 11, 2008, 03:44:12 pm »
Since LinuxMCE is based on the Linux kernel, and we use a 2.6 variant of the kernel, iptables is used as the firewall.

iptables is a complete stateful inspection firewall.

Also, I would stick with hardware that can be identified by the kernel in Kubuntu 7.10

-Thom

thanks... I will have a look around...
I work in IT in a FTSE100 company so security is sort of ingrained in everything we do. I am right in saying that LinuxMCE is considered secure enough to have the external network interface exposed to the internet via a plain ethernet modem (i.e. no further security)

sorry to be a pain and thanks for answering so quickly

R

tschak909

  • LinuxMCE God
  • ****
  • Posts: 5501
  • DOES work for LinuxMCE.
    • View Profile
Re: security and adsl
« Reply #3 on: August 11, 2008, 03:54:13 pm »
yes. With that said, we do need a lot of help in moving a large number of processes out of privileged space.

-Thom

richard.e.morton

  • Regular Poster
  • **
  • Posts: 39
    • View Profile
Re: security and adsl
« Reply #4 on: August 11, 2008, 06:30:04 pm »
thanks