I
illumination
Will look into this, thank you.since Linux has a different attack vector something like this could help
Arno's IPTABLES firewall
Features
Very secure stateful filtering firewall
It can be used for both single- and multi(eg. dual)-homed boxes
Masquerading (NAT) and SNAT support
Full IPv6 support (including IPv4 / IPv6 mixed mode support)
Multiple external (internet) interfaces
Support multiroute NAT & SNAT (load balancing over multiple (internet) interfaces)
Port forwarding (NAT)
Support MAC address filtering
Support for static and ISP assigned (DHCP) IPs
Support for (transparent) proxies
Full support for DMZ's and DMZ-2-LAN forwarding. You can also use it to isolate your eg. wireless LAN.
(Nmap)(stealth) portscan detection
Protection against SYN-flooding (DoS attacks)
Protection against ICMP-flooding (DoS attacks)
Extensive user-definable logging with rate limiting to prevent log flooding
Includes options to optimize your throughput
User definable open ports, closed ports, trusted hosts, blocked hosts etc.
Log & protection options are both highly customizable
Support for custom iptables rules in a seperate file
It can be used with chkconfig runlevel system (eg. RedHat/Fedora)
Main focus on TCP/UDP/ICMP but additional support for *ALL* IP protocols
Plugin support (to add extra features).
SSH Brute Force (Cracking) Protection (plugin)
DynDNS (Dynamic DNS) support (plugin)
Intrusion Detection System (IDS) (plugin)
Traffic Shaping (plugin)
SIP/VOIP support (plugin)
Traffic Accounting support (plugin)
IPSEC support (plugin)
Support for DSL/ADSL modems, supporting PPPoE, PPPoA and bridging modem setups (plugin)
It works with PoPTop PPTP (http://www.poptop.org)
It works with UPnP
DRDOS protection/detection (experimental)
It's easy to install & configure
And much more...
http://rocky.eld.leidenuniv.nl/joomla/index.php?option=com_content&view=article&id=45&Itemid=63
James