Lockergnome     See You at Gnomedex 2002!

  12.13.2002 PenguinREPORT

Lockergnome's Compendium of Linux Knowledge Focusing on the core functionality built into every Linux distribution, these tomes contain a wealth of information on everything from the kernel, to core services, to networking and printing issues. Find your way around the command line functionality, so that your Linux install works the way you want it to. You won't be an expert overnight, but it will certainly lead you in the right direction. Dowload your Linux tips today.

You've got big voices with interesting things to say. Nothing quite brings out those voices like a new series in Penguin Shell. These series really tend to bring out the best of the PS readership, providing a great opportunity to share experience with the rest of us. The response to my plea for new scripts brought a flood, as well. In a scaled-down DIY Friday issue, here's what the Penguin Shell collective has had to say this week.

From Dave Weiss:

I saw that you would be covering firewalls. I've written a couple documents on how to do some fairly advanced firewalling on Linux. [They can be found] here and here.

From Stu Wilcox:

I'm interested in scripting, but don't know how or where to start..

I was wanting some advice, from you or the VAST number of readers of the Penguin Shell...

I would like to know how to setup a script to automate the updating of my website. I've heard that it can be done also I would like the ability to increase/decrease the frequency of the updates?

Is this possible or am I in 'dreamland' again?

From Fran Parker:

As much as I love Linux (I use RedHat and Mandrake currently). My husband actually set our firewall box up as a freeBSD computer. More secure and less updates needed for security fixes.

From Allyn Lambert:

I'm new to Linux, and I'm still learning, so one of my 1st jumps into the Linux world was to install Freesco on to one of my old P90 boxes. I'm running less then what you suggested. I have 32 megs of RAM, a 420 meg HD, and a Floppy Drive.

Freesco is built off of Slack, (I believe) and runs just great. However, it's more of a router then a Firewall, but it does come with some firewalling capabilities built in to it. This works just great for me at home.

I also installed another little package onto the Freesco Box. It's called Paranoid Firewall. Works great, and still lets me have complete control of my system.

I'm sure that you have thought, or at least looked at Freesco for your project, but decided against it due to it being a Router more then a Firewall. I would like to say that, Freesco was easy to install, and it can run straight off of a floppy, and it's works great for a home environment. However, as I read your Firewall series, I may just have to switch, or at least try another system.

From Bruce Peterson:

The linux firewall server is going to break the Windows stronghold in my home. Now I have to add a twist. Can the firewall server be made to use a modem and provide this service to all the other computers on the network? I live in a area were the only option is dialing up the Internet.

From Ernest Wilcox:

This is just a little feedback on the possible origins of the term firewall.

Firewalls have been built into buildings thru most of the 20th century. When a structure consists of several businesses side by side, or a row of townhouses, each property is typically separated by a brick wall named a firewall which intent is to prevent or inhibit damage in the event of a fire.

This is analogous to the intent of a firewall on a network which is to prevent or at least inhibit unwanted intrusions.

In both cases the intent is to prevent or at least limit damage.

From Mike Strock:

I look forward to the firewall series. I'm in the process of working up a proposal to put a firewall in at my office, to replace an aged MS Proxy 1.0 server. And to bring in a few servers that are "hanging wild and free" to the outside world *not* behind the proxy.

From Jason Bufford:

I have been using a dedicated *nix box as a firewall for the past 4 years. (Ever since broadband became affordable).

Instead of loading having to Linux or BSD, I just go to Global Technology Associates and download their Gnatbox Light firewall.

It fits on a single 1.44 meg floppy (no hard drive needed) and all it needs is a box with a little RAM (mine has 16 meg) a 486 or better processor (my P166MMX is overkill) and 2 NIC cards. They also have a version for dialup users too.

From Dietrich Vogt:

I read you are doing a firewall installation for the company you are working for. Since you say you don't like reinventing the wheel, take a cruise on over to Coyote Linux.

Coyote Linux is a single floppy disk Linux Distribution that is specifically designed to do a firewall. It is a breeze to configure via a Linux Shell Script or a Windows configuration utility and it rock solid stable.

I used this product for over a year, until my last external modem died, and it worked great on 486. It handles both modem and broadband connections.

You might want to take a look at his other product as well, Wolverine, which functions as both a firewall and VPN server.

Joshua Jackson, the guy who wrote this software, is from my home town of Akron, Ohio and now does this and security consulting for a living. Check out his business web site.

This guy was really amazing and I believe he helped write software to connect Linux machines onto Time-Warner RoadRunner Cable back in 1996.

It at least worth taking a look at. As you said, "why re-invent the wheel?"

And finally, one from The Hooker:

I'm sure that your telescope mirror is 800 *mm*, rather than 800 *cm* !! :-) Nice thought though.

{Right you are, Hook. Funny how much difference one single letter can make. I promoted a 31" mirror to 310".]

How's that for a useful and interesting batch of comments to end the week? Thanks to everyone. Knowing this bunch, we'll have answers to some of your questions in the next week.

Don't forget the Mandrake 9.0 install blogcast Sunday afternoon, and have a great weekend.

                 
Tony Steidler-Dennison       


 GnomeTWEAK

Firewall Boxes - Part III

I landed on a firewall distro today and got the firewall box up and running. It was a very simple process, thanks in part to the install routine of the distro I chose.

The firewall machine in the IT "closet" at work is now running Smoothwall, a light free Linux firewall distribution. After some rather exhaustive research this past week, Smoothwall really seemed to offer a good balance between lightweight and easily configurable. I really considered Devil Linux for its "run from a CD" approach.

I've also heard great things about ClarkConnect and considered it, as well.

The machine on which I installed Smoothwall is a three-year-old Dell. 266 Mhz processor, 6 Gb hard drive, 32 Mb RAM. The distro installed from a CD-ROM in something less than 15 minutes. The machine itself is actually overkill. Smoothwall has been known to run well on sub-200 Mhz processors with 16Mb RAM and drives under 1 Gig.

The installer made the configuration quite easy. As I've noted, I installed three Ethernet cards in the machine. All are identical D-Link NICs using the tulip driver. I had these on hand in the shop, left over from an "overpurchase" more than a year ago. During the install, each NIC was probed and detected, then assigned a color-based configuration.

The Red interface is the Wide Area Network (WAN) interface. It's attached to a router provided by our ISP. Its IP address is visible to the outside world.

The Green interface establishes the internal network and serves as its gateway. This internal network is a class C network, as we've discussed in earlier Penguin Shell issues. Capable of handling 255 connected machines, the network establishes 192.168.x.x as the internal address range.

The Orange interface is my connection to the hub in the shop. It, too, has an external IP address, though the range of ports that can be accessed is limited to only two.

The clincher in the decision to use Smoothwall was really one of administrative convenience. "Smoothie" is entirely browser manageable from within the network. It's got a full range of features available from the browser, including system updates. You can add rule chains and reconfigure interfaces. Really, any configuration or maintenance need you'll encounter in everyday use and administration is available via the browser. Given that I'm also an operations director, telescope assembler, tester, installer, and sometime marketing person, it was crucial to me to be able to turn on the box and make any necessary changes as quickly and easily as possible.

The SmoothWall kernel is compiled complete with all the most critical security features. On Monday, we'll talk about kernel configuration in general for your Linux firewall box.

Recommend It!
Send us a GnomeTWEAK


 GnomeCORE

Get your favorite Linux flavor on CD: Pick your favorite Linux flavor and get it on CD for as low as $1.95. Find Linux gear, books, and software for Linux at Linux Central . Check out the selection today!

Compressed Executables

Here's a quick tip on a core Linux program that can speed up the process of uncompressing executables.

The gzexe program compresses files with executable permissions in an interesting way. When run, a file compressed under this format automatically uncompresses. If you've got an especially large executable file, gzexe is the perfect tool for both space and time savings. Or, if you have a large number of executable files to compress, gzexe will speed the time it takes to decompress them as a batch. Executing a file compressed with gzexe with the -d option will uncompress all the files at once.

The convention for compressing or decompressing these files is extremely simple, as well. gzexe [options] [files]. The lone option to gzexe is -d, the decompress option. So, if your compressing the files, use gzexe [files]. To uncompress, use gzexe -d [files].

Quick and easy, indeed. The gzexe format doesn't compress quite at the level of gunzip or bz2, so there's some trade off. But you know what I say - time saved is time earned.

Recommend It!
Send us a GnomeCORE tip


 GnomeFILE

GWintree 0.9-2

http://website.lineone.net/~d.j.cooke/gwintree.htm

"GWintree is a genealogy chart program for Linux, which produces 2 styles of compact full charts from GEDCOM data, showing all blood relatives. Options are available to show ancestors only or descendants only. Charts can be printed across multiple pages or saved as image files, and can display over 1000 families, showing all links, optionally colour-coded, and formatted so families are not split by page breaks. It also produces birth brief (pedigree) charts and selective ancestor charts, and incorporates a simple data entry interface to create/edit/view GEDCOM files."

Recommend It!
Send us a GnomeFILE suggestion


 GnomeVOICE

SmoothWall
Scribbled by Adrian Williams

"Just a note on Firewall boxes, I use Smoothwall (mentioned in today's PS) and it runs on a Pentium 75 with 32MB and 200MB hard drive. The only reason I've had to reboot the computer in the last 9 months I've had it up, has been to install updates from the Smoothwall site. I have one client's site running Smoothwall on a 486-33 with 12MB RAM and 170MB drive. It works extremely well. Like many Linux applications, Smoothwall is administered thru a browser on the internal network, so the firewall machine is run 'headless'. On the Pentium, Smoothwall takes about 10 minutes to install and configure."

Recommend It!
Speak your GnomeVOICE


 GnomeCLICK

History of Linux

http://ragib.hypermart.net/linux/

This history of Linux by Ragib Hasan is a straightforward account of the genesis of Linux. The piece includes a nice summary of Minix, the OS that inspired Linus to create Linux. There's also a summary of the now-famous newsgroup exchange with Professor Andrew Tanenbaum, in which Linus shows how strongly felt about his fledgling OS. And this, in response to a question about Linux:

Q. Other than the fact Linux has a cool name, could someone explain why I should use Linux over BSD?

A. No. That's it. The cool name, that is. We worked very hard on creating a name that would appeal to the majority of people, and it certainly paid off: thousands of people are using linux just to be able to say "OS/2? Hah. I've got Linux. What a cool name". 386BSD made the mistake of putting a lot of numbers and weird abbreviations into the name, and is scaring away a lot of people just because it sounds too technical.

The History of Linux is a nice insight into the OS that began as "just a hobby, won't be big and professional like gnu."

Recommend It!
Suggest a GnomeCLICK


For Windows Users
For IT Professionals
For MP3 Fanatics
For News Hounds
For Linux Users
For Webmasters
     Stay on Top of Technology:
Get Our FREE Newsletters!

GNOMELINKS


 Get Our Help Files
 New PC Tips Book

 Latest Windows Daily
 Latest Digital Media
 Latest Tech Specialist
 Latest Penguin Shell
 Latest Apple Core
 Latest Web Weekly
 Latest Bits & Bytes
 Latest Downloads
 Latest Forum Posts

 Suggest a Feature
 Advertise With Us
 Chat With Gnomies
 Watch The Webcams
 Recommend Us!
 View More Options
 About Lockergnome

 Link To Lockergnome
 Our Privacy Policy
 Our XML / RSS Feed
 Syndicate Our Tips
 Download X-Setup
 Download eBooks

 Ask a Question
 Low Price Finder
 CPU Magazine
 High-Tech Job Search
 Gnomies.com ISP
 The GnomeSTORE

 General Feedback
 E-mail the Editor
 The Editor's Blog

 

GNOMESEARCH


 

GNOMESPECIALS


 Protect Your Passwords
 Easy Slide Show Maker
 zip.XL
 Outpost Firewall Pro
 Pretty Good MahJongg
 Book Collector
 Manage Your Workgroup
 Form Pilot
 FirstStop WebSearch
 Tag&Rename
 Boomer - Stream Now

Get Listed Here

Question: which group is 250,000+ strong and always looking for stuff to make their personal and professional lives run smoother?

 

Get yourname@gnomies.com today

 

Lockergnome Webcam Image
CLICK HERE TO ZOOM

 

GNOMECETERA


©2002, Lockergnome LLC. ISSN: 1095-3965. All Rights Reserved. Please read our Terms of Service. Our Web site is hosted by DigitalDaze. Domain registered at DNS Central. Powered by Lyris ListManager