In the middle of ’90 I had a chance to evaluate linux distributions to run a cost effective ISP. It was my first experience with linux OS at all. On my short list RedHat Linux won ahead of Slackware mainly because of easy configuration and user friendly approach. Since that, as a network security specialist, I worked with lot of flavour of Unices and Linux distributions as well and I have not changed my opinion so far… except that this open approach has a dark side as well. In Linux communities, it is possible to hear more often opinions about RedHat, as open but definitely the less secure distribution. Too much security holes and slow response in patches.
OK, so without any personal opinion in early summer 2000, I set up my gateway server, which gives the Internet connection to small home LAN of 4 computers. You know - kids, wife etc all computer dependent. It run RedHat Linux in order to see how can survive wild Internet access without any extra firewall protection, just with services provided from RedHat Inc.
Gateway is used to be the oldest and slowest in my computer park. I took one Intel Pentium 60Mz and over-clocked to 66Mhz, added 64MB RAM and some hard drive of 320MB, plus 2 "noname" network cards.
Installed the core system through NFS because I didn’t have any spear CD-ROM. After some network set-up, IP masquerading and security tunes the gateway was ready to serve my network… and did it really successfully over a 512 kbps cable modem.
As far I set up a web server I put an open hacker challenge to test the configuration. Naked RedHat Linux against the others. But it will be more interesting if the hackers have more room and possibility to dig inside the system. I put an extra hard disk of 8GB and build a procedure for automated creating users.
Gateway had about 200.000 hits per month, few hundred users and dozens of unsuccessful attacks.
Everybody laugh when saw gateway’s hardware description, but when it has been shown the performance of 100 concurrent http connections, ftp and shell users with about 10-20% of CPU usage they started to feel respect. NT will just simple die in such an environment and demand.
Today, my gateway is running on the same hardware with services as telnet, ssh, ftp, ntp, nfs, dns, etc… It has mirrors of RedHat distribution and VIM editor, hundreds of satisfied users with an open opportunity to look and feel a real Unix environment.
Site is absolutely non-commercial and only what I gain is somewhat higher salary as a security professional.
It is possible to find more information about connection and network settings in Cable Modem Providers HOWTO in chapter ComHem, for Swedish internet cable provider, what I wrote in the beginning of spring 2000.
The site is still running at http://www.polarhome.com
Added later on:
I have been notified by e-mail that this story is a winner of RedHat success stories in October 2000, however the price (a box of RedHat linux) has never been delivered. :)