Hi everyone,

I feel a little bit confused on which direction I should be going, hence I need some advice, pointers and clarification on establishing a firewall. I am setting up a LAN of 10 PCs. The LAN will have access to the internet via cable modem. This is what I thought of doing.

A) Setting up a 486/Pentium MMX as the firewall / router.
B) Use either of the following
   1) Phoenix adaptive firewall (I could only find it for SuSE 6.3, which probably will not work with SuSE 7.0)
   2) Sinus firewall
   3) T.REx Open Source proxy firewall

1) What could be my concerns regarding security, if I am running a stock SuSE pre-compiled kernel? What specific things should I be looking to enable / disable? As far as I understand, if using a pre-compiled stock SuSE kernel, my option of using SINUS firewall is out of the choices. Hence I thought of using T.Rex if using the stock kernel.

2) I thought of recompiling the kernel with the SuSE default config options, so I can get Sinus back into choices for proxy firewalls (yet by doing this most probably SuSE Installation support will not be very helpful since I am not using the SuSE pre-compiled kernel. Result: questionable SuSE support availability).

3) Recompiling the kernel after patching it with the openwall security patch (the question is: the SuSE kernel is pre 2.2.17, so which patch do I use, 2.2.16 or 2.2.17?) and then make the choice for the proxy firewall.

Could someone please kindly help me with a road to choose and, if possible, pros and cons of my choices and/or the proxy firewalls I have found (any other suggestion is more than welcome).

Thanks in advance
--
Togan Muftuoglu toganm@turk.net
100% MS FREE Absolutely no component of Microsoft was used in the generation or posting of this e-mail. So it is virus free

> Hi everyone,
> I feel a little bit confused on which direction I should be going, hence I need some advice, pointers and clarification on establishing a firewall. I am setting up a LAN of 10 PCs. The LAN will have access to the internet via cable modem. This is what I thought of doing.
> A) Setting up a 486/Pentium MMX as the firewall / router.
> B) Use either of the following
> 1) Phoenix adaptive firewall (I could only find it for SuSE 6.3, which probably will not work with SuSE 7.0)
> 2) Sinus firewall
> 3) T.REx Open Source proxy firewall

Why not use Linux's built-in firewalling? ipchains, and NAT, IPMASQ.

> 1) What could be my concerns regarding security, if I am running a stock SuSE pre-compiled kernel? What specific things should I be looking to enable / disable? As far as I understand, if using a pre-compiled stock SuSE kernel, my option of using SINUS firewall is out of the choices. Hence I thought of using T.Rex if using the stock kernel.

Consider openwall patches for the kernel. http://www.securityportal.com/lskb/10000000/kben10000021.html

> 2) I thought of recompiling the kernel with the SuSE default config options, so I can get Sinus back into choices for proxy firewalls (yet by doing this most probably SuSE Installation support will not be very helpful since I am not using the SuSE pre-compiled kernel. Result: questionable SuSE support availability).
> 3) Recompiling the kernel after patching it with the openwall security patch (the question is: the SuSE kernel is pre 2.2.17, so which patch do I use, 2.2.16 or 2.2.17?) and then make the choice for the proxy firewall.

2.2.17
Realistically you won't need it, just run NO services on the firewall except for ssh and remove everything you don't absolutely need.

> Could someone please kindly help me with a road to choose and, if possible, pros and cons of my choices and/or the proxy firewalls I have found (any other suggestion is more than welcome).

Phoenix has a nice VPN component for Windows clients, not cheap but it works well.

> Thanks in advance -- Togan Muftuoglu

-Kurt
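
The setup suggested in the reply above (the kernel's built-in ipchains with masquerading, and no service on the firewall except ssh), written out as an added example that is not part of the original thread. The interface names (eth0 to the cable modem, eth1 to the LAN), the 192.168.1.0/24 range and the choice to make ssh reachable from the LAN only are assumptions; the script prints the commands unless IPCHAINS=ipchains is set.

```shell
#!/bin/sh
# Added example: stateless ipchains ruleset for a 2.2-kernel masquerading firewall.
# Assumptions (not from the thread): eth0 faces the cable modem, eth1 the LAN,
# the LAN is 192.168.1.0/24, and sshd is the only daemon on the box.
# Dry run by default: commands are printed. Run with IPCHAINS=ipchains as root
# to apply them, and enable routing: echo 1 > /proc/sys/net/ipv4/ip_forward
IPCHAINS="${IPCHAINS:-echo ipchains}"
EXT_IF="${EXT_IF:-eth0}"
INT_IF="${INT_IF:-eth1}"
LAN="${LAN:-192.168.1.0/24}"
ANY="0.0.0.0/0"

firewall_rules() {
    # Flush the built-in chains, then default-deny inbound and forwarded traffic.
    for chain in input forward output; do
        $IPCHAINS -F "$chain"
    done
    $IPCHAINS -P input DENY
    $IPCHAINS -P forward DENY
    $IPCHAINS -P output ACCEPT

    # Loopback, and anything the LAN sends (to the firewall's sshd or onward).
    $IPCHAINS -A input -i lo -j ACCEPT
    $IPCHAINS -A input -i "$INT_IF" -s "$LAN" -j ACCEPT

    # Anti-spoofing: LAN source addresses must never arrive from outside.
    $IPCHAINS -A input -i "$EXT_IF" -s "$LAN" -l -j DENY

    # ipchains keeps no connection state, so replies are approximated:
    # TCP without a bare SYN (! -y), DNS answers, and ICMP unreachables.
    $IPCHAINS -A input -i "$EXT_IF" -p tcp ! -y -j ACCEPT
    $IPCHAINS -A input -i "$EXT_IF" -p udp -s "$ANY" 53 -d "$ANY" 1024:65535 -j ACCEPT
    $IPCHAINS -A input -i "$EXT_IF" -p icmp --icmp-type destination-unreachable -j ACCEPT

    # Everything else from outside, including new connections to ssh, is
    # logged (-l) and dropped.
    $IPCHAINS -A input -i "$EXT_IF" -l -j DENY

    # Masquerade LAN traffic leaving through the external interface.
    $IPCHAINS -A forward -i "$EXT_IF" -s "$LAN" -d "$ANY" -j MASQ
}

firewall_rules
```

The `! -y` and source-port-53 rules show the limit of a stateless packet filter: they accept anything that looks like a reply, not only packets that belong to a connection a LAN host opened.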
Kurt Seifried wrote:
> > 1) Phoenix adaptive firewall (I could only find it for SuSE 6.3, which probably will not work with SuSE 7.0)
> > 2) Sinus firewall
> > 3) T.REx Open Source proxy firewall
> Why not use Linux's built-in firewalling? ipchains, and NAT, IPMASQ.

http://www.acm.uiuc.edu/workshops/security/firewall.html as I understand recommends using a proxy firewall
--
Togan Muftuoglu toganm@turk.net
100% MS FREE Absolutely no component of Microsoft was used in the generation or posting of this e-mail. So it is virus free

> http://www.acm.uiuc.edu/workshops/security/firewall.html as I understand recommends using a proxy firewall

Proxy firewall at what level? Technically NAT (IPMASQ) is a circuit-level proxy. "Advantages" of a proxy such as squid (www/ftp) are that you can log access easily, and block, say, *.doubleclick.net. OTOH the added software adds security risks.

> -- Togan Muftuoglu toganm@turk.net

-Kurt
Kurt Seifried wrote:
> > http://www.acm.uiuc.edu/workshops/security/firewall.html as I understand recommends using a proxy firewall
> Proxy firewall at what level? Technically NAT (IPMASQ) is a circuit-level proxy. "Advantages" of a proxy such as squid (www/ftp) are that you can log access easily, and block, say, *.doubleclick.net. OTOH the added software adds security risks.

Thanks Kurt, I understand added software means added risk. I have reread the SuSE manual for 7.0 and on page 490 it states as follows:

"Packet filters are network layer firewalls. They make fundamental decisions on the basis of source addresses, target addresses and ports in specific IP packets. A simple router or the SuSE Packet Filter Firewall are traditional network layer firewalls. Since they are not intelligent enough to determine what significance the contents of an IP packet have and where it really originates from, they do not offer sufficient protection against attacks. Modern network layer firewalls (for example, SINUS Firewall I for Linux, http://www.sinus-firewall.org) are more highly developed, and gather internal information on the status of connections which run via them, the contents of data streams, etc. Application layer firewalls (e.g. TIS Firewall Toolkit) on the other hand, are usually computers on which proxy servers run and which carefully protocol and examine the data traffic running over them. Since the proxy servers are programs which run on the firewall, they are ideally suited for protocol and access protection mechanisms."

Based on this statement I will go ahead and consider the openwall security patch and use of the Sinus firewall. Hope I do not start crying out for help soon :-)
--
Togan Muftuoglu toganm@turk.net
100% MS FREE Absolutely no component of Microsoft was used in the generation or posting of this e-mail. So it is virus free

Participants (2): Kurt Seifried, Togan Muftuoglu