[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ccp4bb]: Security, Firewalls etc.



***  For details on how to be removed from this list visit the  ***
***          CCP4 home page http://www.ccp4.ac.uk         ***

On Fri, 30 Aug 2002, Kevin Cowtan wrote:

>
> If you are not behind a firewall, you can add one very cheaply - an old PC,
> running a BSD-based firewall distro is probably best. These will often fit on
> a single floppy. There are Linux versions as well, but Linux is more
> widespread and thus vulnerabilities are better known. Since these are
> designed for a single purpose, they are supposed to be quite easy to set up,
> but I haven't tried.

That is what we did. An old 100MHz PC, 16Mb RAM, floppy drive, no harddisks
and two ethernet cards is all you need. We used the firewall-on-a-floppy linux
distribution from Charles Steinkuehler (see http://lrp.steinkuehler.net/). If
you are familiar with linux then it should be rather straightforward to get it
running. It even provides a DHCP server for your internal network.

> You don't necessarily need to block ftp to outside sites, so getting data
> from synchrotrons shouldn't be an issue.

I am allowing ssh into a single local computer only from our university
central computer and add an entry for a synchrotron to allow ssh/scp if we go
collecting data.

Bart

===============================================================================

Assistant Professor
Dept. of Medical Microbiology & Immunology
University of Alberta
1-15 Medical Sciences Building
Edmonton, Alberta, T6G 2H7, Canada
phone:	1-780-492-0042
fax:	1-780-492-7521

===============================================================================