britishtrident
|
| posted on 11/5/04 at 07:36 AM |
|
|
Firewalls -- Netboz
I set up a Netboz firewall yesterday its pretty dammed good bit of software.
Take one old scrap PC with bootable CD rom and a floppy and add 2 network cards -- no monitor or keyboard required. Download software image and
write it to a CD and the boot key to a floppy -- insert into old PC and boot. !
Its is no so flexible as IP Cop but it is less fussy about hardware (particularly network cards) and easier to set up. The PC I used had a Cyrix
233 pro, and Compac Netelligent dual network card and it still din't complain about the harware.
[Edited on 11/5/04 by britishtrident]
[Edited on 11/5/04 by britishtrident]
|
|
|
|
|
ned
|
| posted on 11/5/04 at 08:47 AM |
|
|
British trident, is this just something that you're running at home or at work?
I'm looking into something for work as the number of hacking incidents here is getting silly (had a win2k server, fully patched hacked recently,
only realised when i found 20gb of games and movies on it - and no, they weren't mine!)
Need something pretty robust, 150+ devices, 1gb backbone, 10/100mb to desktops..
Any suggestions? I'm looking into something linux based for cost reasons, but don't have much experience with linux (haven't built a
box yet!)
Answers on a postcard...
Ned.
beware, I've got yellow skin
|
|
|
ChrisW
|
| posted on 11/5/04 at 10:55 AM |
|
|
Ned
The other one to try is smoothwall but if you want something bespoke I can get one of my Linux experts to build something for you.
Chris
My gaff my rules
|
|
|
britishtrident
|
| posted on 11/5/04 at 11:45 AM |
|
|
This ones at home but I have worked with IP Cop based firewalls at work but didn't set tem up but our Unix guru let me watch --- seemed very
easy by Unix/Linux or Windows standards, IP Cop can be fussy about hardware as it is based on a fairly old Linux kernel it really only likes NE2000
clone NICs.
Netboz is easy to try as you can use virtually any old bit of PC kit all you need to is make the disks --- the Firewall is the Free BSD one quite
well respected and used in a lot of hardware Router-Firewalls.
It is fairly flexible as regards IP addressing and DHCP also by adding a 3rd card you have a DMZ for servers.
The otherf course is to stick a secure Linux distro on a PC and use an IP table firewall --- easier than it looks lots of graphical front end tools
around for doing this.
the Distrowatch web site has loads of info on suit flavours of Linux
|
|
|
kingr
|
| posted on 20/5/04 at 10:49 AM |
|
|
quote:
Originally posted by ned
I'm looking into something for work as the number of hacking incidents here is getting silly (had a win2k server, fully patched hacked recently,
only realised when i found 20gb of games and movies on it - and no, they weren't mine!)
Need something pretty robust, 150+ devices, 1gb backbone, 10/100mb to desktops..
Any suggestions? I'm looking into something linux based for cost reasons, but don't have much experience with linux (haven't built a
box yet!)
Answers on a postcard...
Ned.
Ned, I really wouldn't touch Linux with a barge pole unless you know what you're doing, an incorrectly configured or unconfigured linux
box is more of a risk than an unconfigured Windows 2003 server.
I know they're a bit pricey, but some of the watchguard hardware firewall really are very good. Incidentally, do you know that the attack
didn't come from inside? Firewall wouldn't do a lot of good in that case.
Kingr
|
|
|
ceebmoj
|
| posted on 22/5/04 at 04:57 PM |
|
|
Ned surly for the tipe of set up you are talking about ther it is a farly no brain disision to get a decent hard weare fier wall a at lased one layer
of youer defence I would aso echo the view that if you do not know what you are doing then runing an incorecty configgerd box is just inviting a
rodgering
|
|
|
britishtrident
|
| posted on 26/5/04 at 10:31 AM |
|
|
For the home/small office just denigh everything unless you need it and don't run services you don't need --- tight firewalls make
good neighbours.
|
|
|
