Hi Philipp, I really learned much, or better said, now I really know that I will have to learn much more about Security.
try out www.snort.org. ok, thanks.
I saw the draft. I think you're making yourself an unnecessary hard life with that proxy running 2 eths. Place the proxy INTO the DMZ not in front of it. <snip> ok, changed and uploaded.
He'll do well changing that in the near future. I try to convince him, but I think that won't help much. Because he gets paid very bad and so he is not very motivated to learn Linux in his freetime. I for myself will or want to learn it, just because I am interested in it, but I think he isn't really interested in it, he just wants a secure network and a time without very much stress (what I can also understand, if would get paid that bad.).
and we have to use Windows as a Webserver because the pupils use Frontpage and ASP for their projects (I know that's lame, but I can't change that, sorry.)
It's not about being lame. It's bad for you keeping these windoze boxes uptodate all the time. I very well remember what nimda did to my win2k www server. No anti virus software ever will help you no matter how new the patterns are. Same problem here, he was very stressed the last month and so he decided to create that group. Well, the Nimda problem still exists, and he tries to solve that with Norton Antivirus Corporate Edition. I told him, that this wouldn't help him to get a better time, but he didn't want to hear. I mean Norton is surely a good product but it would be the same if you want to repair a ship that has holes and is swimming around in the ocean, and would try to fill the holes with crates so that no water can come in. I think it would be better to throw away this ship, design a new one (without the holes) and create it.
Oh, is it a http/https/ftp proxy? Or what services do you intend to run on it? As far as I know it should be a http and ftp proxy.
FreeBSD and Linux. Well sounds like very much work. But thank you for your suggestions.
Bye, Christoph