I evaluated these and had a breeze of a time with clear os and psense, but as accurately indicated, iptables are as good as you set them. On Friday, September 17, 2010, Nd'wex Common <flexycat@gmail.com> wrote:
@Simon
For starters, enabling SELinux will indeed give you some sleepless nights and would be best if you disabled it. The security of your system/network is dependent on how well you configure iptables.
Zentyal and other bundled network management systems eg ClearOS [based on centos also web-based interface] can be good admin. products but you need to fully understand what they can do and what they cannot with relation to your needs.
my thoughts
On Fri, Sep 17, 2010 at 3:50 PM, Simon Mbuthia <simon.mbuthia@gmail.com> wrote:
Hi guys,
I have been running a CentOS firewall for a few months, but it seems to me like the machine is posessed by something. All of a sudden no port is open from outside except ssh which I'd like to be accessible only from within my LAN. The problem is SELINUX. I'm a bit apprehensive about disabling SELINUX [and only use iptables] though I don't know what security risks I'd be exposing myself to by so doing - if any. Thanks to one skunkmaster Jangita, I have learnt about Zentyal, a Ubuntu/Debian-based ... thingie that comes bundled with a number of services [firewall, IDS etc] which can be administered thru a sleek web-based interface.
My question/s is/are: would it be safe for me to use iptables only and disable SELINUX? Is Zentyal formidable enough to use as a security solution for a small business network? And why does SELinux have to be such a pain in the neck???
Me.
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet Skunkworks Server HarambeeĀ <http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1fbjAwOUE&hl=en> ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Collins Areba. Strategic Operations. Center for Renewable Alternatives Old Ferry Road, off Msa Malindi Rd, Kilifi, Kenya. +254 720 516758 +254 734 696821 skype/gtalk/twitter: arebacollins *Solar *| * Wind *| * Waves * | * Biomass *