---------------------------------------------------------------------- The SINUS Firewall -- a TCP/IP packet filter for Linux Written within the SINUS project at the University of Zurich, SWITCH, Telekurs Payserv AG, ETH Zurich. originally based on the sf Firewall Software (C) 1996 by Robert Muchsel and Roland Schmid. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. SINUS Firewall resources: SINUS Homepage: http://www.ifi.unizh.ch/ikm/SINUS/ Firewall Homepage: http://www.ifi.unizh.ch/ikm/SINUS/firewall.html Frequently asked questions: http://www.ifi.unizh.ch/ikm/SINUS/sf_faq.html Mailing list for comments, questions, bug reports: firewall@ifi.unizh.ch ------------------------------------------------------------------------- This is version 0.1 of the SINUS firewall. It requires Linux 2.0.3x with x>=2. It was tested mainly with 2.0.34. With a simple modification, it should also work properly with 2.0.26..31. It runs on a libc5 and a libc6 (glibc2) system. It will not run with libc4 and/or non-ELF systems. There are older versions of the sf firewall software that work on Linux 2.0.6 and 1.2.13. Check the homepage for them. Documentation is supplied in HTML format (to print, please use your Web browser). Please read the installation section in the user's guide (user.htm) before trying to compile and install the software! Feel free to subscribe to the mailing list (by sending a mail to majordomo@ifi.unizh.ch, with body "subscribe firewall") and report any problems, bugs, suggestions and comments to firewall@ifi.unizh.ch. You can get the latest version of the software from http://www.ifi.unizh.ch/ikm/SINUS/firewall.html ftp://ftp.ifi.unizh.ch/pub/security/firewall/ QUICK OVERVIEW -------------- The SINUS firewall is a free and easy way to protect your network from the daily threats of the Internet. It does not guarantee perfect security, however it comes with a wealth of features, including: - filtering of all header fields in the IP,TCP,UDP,ICMP,IGMP packets - intelligent RIP and FTP support - easy to understand, text-based configuration - graphical management interface for configuration of several firewalls - dynamic rules, including counters and time-outs - extensive logging, alerting, and counter intelligence - prevention of packet and address spoofing - GNU GPL license :-) To install the software, you need a Linux 2.0.x based system. We suggest you install a bare-bone system without X or any of the other nifty features which tend to have security holes. You should not install user accounts on the firewall system. Log-ins other than from the console should be forbidden (if you absolutely have to log in remotely, we strongly suggest you install a copy of ssh, http://www.cs.hut.fi/ssh). Although the software has been subject to thorough testing, and has been continuously running without crashes for over 12 months, we are confident someone will eventually unconver A BUG in the software. Therefore, it is version "0.1". Please do not use this software as the sole means to protect your top secret data. This software is intended for - people who want to study firewalls - people who don't trust their current firewall - and people who currently don't have any protection at all (even if there are serious bugs, it cannot get worse, can it?) If you have trouble installing or configuring the software despite the comprehensive documentation, or if you seek advice in security related issues, feel free to subscribe to the SINUS firewall mailing list, firewall@ifi.unizh.ch and ask there. Subscription is done by sending mail to majordomo@ifi.unizh.ch with a single line "subscribe firewall" in the body. However, please understand we cannot guarantee that every question will be answered to your convenience. Harald Weidner 20.10.1998