Security with E-Smith SME Server

E-Smith SME Server is a Linux distribution designed to serve as a dedicated firewall/gateway server, allowing you to share an Internet connection over a LAN. The distribution is a heavily-modified version of Red Hat Linux, with most of the latter, including the GUI, removed, leaving only what is required to run a firewall/gateway in a small 380MB package. In November's Linux Here’s How column we'll look at installing and configuring E-Smith SME Server to act as a firewall and gateway for your network.

E-Smith SME Server can be downloaded free of charge from www.e-smith.org. At the time of writing, version 5.6 is the latest stable release and version 6 is in the final stages of beta testing. If you wish to use SME Server simply as a firewall/gateway, as described here, version 5.6 will be sufficient to download. Version 6 includes some more advanced features, such as IPSEC support. The distribution is distributed as an ISO CD image file that can be burned to CD-R using most CD writing programs under Windows, including Nero and CDRWin.

To burn the image under Linux, become the superuser in a shell with the 'su' command and type the following:

$ cdrecord dev=/dev/sg0 speed=8 -v -data smeserver-5.6unsupported.iso

Replace "/dev/sg0" with the device corresponding to your CD writer. You can find this device name by typing "cdrecord -scanbus" in a shell. Replace "8" with the speed at which you wish to write the CD and replace the filename after "-data" with the name of the E-Smith .iso file.

Installation

E-Smith SME Server requires a dedicated computer, which would be a great use for an old computer you may have stored away. SME Server does not co-exist happily with other operating systems on your hard drive, so install it on an empty hard disk. The distribution requires 700MB of hard disk space and thus is an ideal use of an old, unused hard disk. If your computer supports booting from CD, place the CD in the drive and boot the computer to start the E-Smith SME Server installation. If you can't boot from CD, you can create a boot floppy under Windows by inserting a blank floppy, the CD, and in a command prompt typing the following:

D:\dosutils> rawrite

Replace D: with your CD drive. When prompted for an image source file name, enter "..\images\bootdisk.img". Under Linux you can make a boot floppy by inserting the CD and in a shell typing the following:

$ cd /mnt/cdrom/images
$ dd if=bootdisk.img of=/dev/fd0 bs=1440k

The E-Smith SME Server installation is almost entirely automated. Initially you will be required to agree to the licence for the distribution. Following this, your hard disk will be partitioned automatically and the distribution will be installed for you. Depending on the speed of your computer and CD drive, this could take anywhere from five to 60 minutes.

Configuring SME Server

When E-Smith SME Server boots for the first time, you will immediately be required to configure the server. At this stage you will need to give the server a name, configure both network and Internet access settings and the services the server will offer. Each configuration option is explained at length. SME Server supports a wide range of network configuration options including DHCP, PPPoE and dial-up connections. If you are unsure of an answer, you can reconfigure SME Server later, so select the default option.

After configuring the server, you will be presented with the SME Server main menu. The server is now running as a firewall/gateway in the background. To reconfigure options such as your Internet connection method, select option 2 from the menu and you will be asked the same questions you were asked when SME Server booted for the first time.

If you have other computers on a network with SME Server, you can now share an Internet connection by configuring their gateway IP (configurable in the same place you configure your network card in) to the IP you gave the SME Server during configuration. Configure other settings such as DNS server to be identical to the IP addresses given to you by your ISP.

More advanced Linux users who like to get their hands dirty will be able to find most of SME Server's configuration files in the /etc/rc7.d directory.

In the next column we'll continue to look at E-Smith SME Server. Version 6 introduces some significant new features, including VPN support using IPSEC, which we will examine in some detail.

Click here to see image. The E-Smith server runs in the background and is configurable from the main menu.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Alastair Cousins

PC World
Show Comments

Brand Post

Imou: At home with security

Modern living is all about functionality and security for everybody from the very young to the very old. With Imou anybody can enjoy smart life – the solution is at their fingertips.

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?