Setting Up A Secure Server/Firewall
Aims of this section - Overview

In this document I will try and give some idea of how to set up a Linux server with a balance of functionality and security but - and this is most important - THIS SYSTEM WILL NOT BE COMPLETELY SECURE. That might sound a little strange, but what I mean is that any network server always balances function and security. Additionally I actually want people to use these instructions to set up there own servers and that isn't going to happen if I go into the minutiae of a complete server set-up or if the server doesn't offer any facilities. Anyway, the only completely secure network server is the one that is switched off and protected by armed guards - Not much use, is it!

The system we are going to set up will be in the style of an application level gateway but with added services which, while making it less secure, add functionality. It will be offering inbound and outbound email facilities, as well as file space services. It will also offer a shared, cached, Internet connection. This means that a number of people on a network can share one Internet connection for web browsing and it will still work at an acceptable speed. It will also offer Dynamic Host Configuration Protocol (DHCP) facilities, which include the ability to set up certain parameters which make the local area network more effective and secure. However, as stated, a better solution, in terms of security, would be to have the application level gateway services run on one machine and file services, dhcp, etc., on another. Having said that, for a simple dial-up connection that isn't connected very often, this set up is probably sufficient.

To do all this however, we will need to have a basic understanding of how computers on the Internet communicate with each other.

Introduction < Previous - Next > Internet Communications

© Copyright Andrew Bennett 2006