On Wed, Mar 19, 2003 at 01:44:13PM -0600, Jones remarked: > I am planning to replace a (dead) Windows 2000 computer that > was used as a web server and email server with a Debian Linux > solution. This machine is connected to the net via DSL and > would run apache and exim/qpopper and sshd. Everything else > would be turned off. It is a small church and their current > site is not very busy, but she says they do get a lot of > email. > > Am I right in assuming that iptabes is enough as a firewall > solution and that I would not need to buy any additional > software.
Yes the iptables tool is sufficient to construct a reliable firewall. Network topology is another issue, and one people enjoy debating ;) > That is what I understand from my past experience > with Debian/iptables as a server and from the files at > debian.org security howto at > (http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html) I would recommend you take a look at the 'Shoreline Firewall', more commonly known as 'Shorewall'. It's a good firewall solution and DEBs are available. Takes a while to get used to (i.e. figure out how it works) but it is reasonably well documented, and most importantly, well done. > On a less related note, what hardware config would you > recommend for such a system? She has a number of machines > that I could choose from. Most of them are 1.x Ghz Pentium > systems with 256MB RAM and 10 GB IDE hard drives. After > increasing the RAM to 512MB, I think this should more than > adequate for a system doing nothing but HTTP and SMTP/POP > requests. More than enough, yes. > thanks > jmb My $0.02, Raymond
pgpp2o47gZn74.pgp
Description: PGP signature
