My son is having problems with his ( XP ) PC. He seems to be getting smurf attacks, or something like that. I'm not sure I can sway him to run SUSE ( or any Linux distro), but I may be able to get him to run a Linux firewall on another, older, spare PC. Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box? what would be other suggestions for a Linux firewall box ? -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
On Friday 24 June 2005 18:28, Paul Cartwright wrote: ---snip---
Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box?
He could.
what would be other suggestions for a Linux firewall box ?
IPCop on an old machine. Easy to set up and works well. -- Christopher Shanahan
On Fri June 24 2005 6:44 pm, Christopher Shanahan wrote:
Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box?
He could.
how?
what would be other suggestions for a Linux firewall box ?
IPCop on an old machine. Easy to set up and works well.
http://www.ipcop.org/ thanks, I'll give him that info. -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
2005/6/24, Paul Cartwright <paul_tbot@pcartwright.com>:
My son is having problems with his ( XP ) PC. He seems to be getting smurf attacks, or something like that.
smufs attack protection is sole responsability of your ISP.
I'm not sure I can sway him to run SUSE ( or any Linux distro), but I may be able to get him to run a Linux firewall on another, older, spare PC. Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box? what would be other suggestions for a Linux firewall box ? -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
I suggest you,if you want a "quick setup" firewall on an old machine,you can use. http://www.m0n0.ch/wall/ (freebsd based, web interface,fully featured) coyote linux: http://www.coyotelinux.com/downloads/channel.php?ChannelID=5 leaf: http://leaf.sourceforge.net or if you like to run SUSE.get the latest version and do a text mode minimal installation. -- Cristian Rodriguez. "for DVDs in Linux screw the MPAA and ; do dig $DVDs.z.zoy.org ; done | \ perl -ne 's/\.//g; print pack("H224",$1) if(/^x([^z]*)/)' | gunzip"
On Fri June 24 2005 6:59 pm, Cristian Rodriguez wrote:
smufs attack protection is sole responsability of your ISP.
how would I know that?
I'm not sure I can sway him to run SUSE ( or any Linux distro), but I may be able to get him to run a Linux firewall on another, older, spare PC. Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box? what would be other suggestions for a Linux firewall box ? -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
I suggest you,if you want a "quick setup" firewall on an old machine,you can use.
I'll check these out, thanks! -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
* Paul Cartwright <paul_tbot@pcartwright.com> [06-24-05 19:55]:
On Fri June 24 2005 6:59 pm, Cristian Rodriguez wrote:
smufs attack protection is sole responsability of your ISP.
how would I know that?
?? google is your friend ?? -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org HOG # US1244711 Photo Album: http://wahoo.no-ip.org/gallery
Paul Cartwright wrote:
My son is having problems with his ( XP ) PC. He seems to be getting smurf attacks, or something like that. I'm not sure I can sway him to run SUSE ( or any Linux distro), but I may be able to get him to run a Linux firewall on another, older, spare PC. Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box? what would be other suggestions for a Linux firewall box ?
My firewall consists of SuSE 9.1, running on an old Dell computer. Works fine.
On Fri June 24 2005 9:28 pm, James Knott wrote:
My firewall consists of SuSE 9.1, running on an old Dell computer. Works fine. well, my son is running XP, but he did have the Sygate Personal Firewall setup.He HAD a router installed, but his ISP was charging $25 a month extra for another PC, so he toook it down. I'm trying to get him to run Linux!!! -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
Paul Cartwright wrote:
On Fri June 24 2005 9:28 pm, James Knott wrote:
My firewall consists of SuSE 9.1, running on an old Dell computer. Works fine. well, my son is running XP, but he did have the Sygate Personal Firewall setup.He HAD a router installed, but his ISP was charging $25 a month extra for another PC, so he toook it down. I'm trying to get him to run Linux!!!
$25 extra per month for a firewall/router???? That's nuts!!! What he should have done, is cloned the computer's MAC address into the router, so that it appears to the ISP as the same computer. He'll have a similar issue with a Linux based firewall, unless he moves the original NIC to the firewall or copies the MAC address.
On Sat June 25 2005 7:28 am, James Knott wrote:
well, my son is running XP, but he did have the Sygate Personal Firewall setup.He HAD a router installed, but his ISP was charging $25 a month extra for another PC, so he toook it down. I'm trying to get him to run Linux!!!
$25 extra per month for a firewall/router???? That's nuts!!! What he should have done, is cloned the computer's MAC address into the router, so that it appears to the ISP as the same computer. He'll have a similar issue with a Linux based firewall, unless he moves the original NIC to the firewall or copies the MAC address.
that's what I said. I told him how to do the cloning MAC address, but he said they STILL charged him.. I'm thinking he didn't do something right... -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
On Sat, 2005-06-25 at 07:28, James Knott wrote:
Paul Cartwright wrote:
On Fri June 24 2005 9:28 pm, James Knott wrote:
My firewall consists of SuSE 9.1, running on an old Dell computer. Works fine. well, my son is running XP, but he did have the Sygate Personal Firewall setup.He HAD a router installed, but his ISP was charging $25 a month extra for another PC, so he toook it down. I'm trying to get him to run Linux!!!
$25 extra per month for a firewall/router???? That's nuts!!! What he should have done, is cloned the computer's MAC address into the router, so that it appears to the ISP as the same computer. He'll have a similar issue with a Linux based firewall, unless he moves the original NIC to the firewall or copies the MAC address.
Second PC I believe, not necessarily the router. I'm not surprised at an extra charge for another PC, assuming that it's using another of the ISP's AP addresses. This is why I went to a router\switch, one connection, one bandwidth cost, one IP address when in use.
Mike McMullin wrote:
On Sat, 2005-06-25 at 07:28, James Knott wrote:
Paul Cartwright wrote:
On Fri June 24 2005 9:28 pm, James Knott wrote:
My firewall consists of SuSE 9.1, running on an old Dell computer. Works fine. well, my son is running XP, but he did have the Sygate Personal Firewall setup.He HAD a router installed, but his ISP was charging $25 a month extra for another PC, so he toook it down. I'm trying to get him to run Linux!!! $25 extra per month for a firewall/router???? That's nuts!!! What he should have done, is cloned the computer's MAC address into the router, so that it appears to the ISP as the same computer. He'll have a similar issue with a Linux based firewall, unless he moves the original NIC to the firewall or copies the MAC address.
Second PC I believe, not necessarily the router. I'm not surprised at an extra charge for another PC, assuming that it's using another of the ISP's AP addresses. This is why I went to a router\switch, one connection, one bandwidth cost, one IP address when in use.
They should also be mandatory, for anyone running Windows!.
On Fri June 24 2005 9:28 pm, James Knott wrote:
My firewall consists of SuSE 9.1, running on an old Dell computer. Works fine. well, my son is running XP, but he did have the Sygate Personal Firewall setup.He HAD a router installed, but his ISP was charging $25 a month extra for another PC, so he toook it down. I'm trying to get him to run Linux!!! Have him use a linksys router and clone the mac address from his PC on
On Sat, 2005-06-25 at 06:15 -0400, Paul Cartwright wrote: the WAN port. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 "The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge
Hey guys, I have been using the Susefirewall on suselinux 9.0 and its works perfertectly but i am in troble coz i have other machine which is running qmail and a lot of thinks that i cant reintalll sooo i would like to know if could I use SuseFirewall on Debian linux? do you have any ideias? Thanks A lot Joni Hoppen ----- Original Message ----- From: "Ken Schneider" <suse-list@bout-tyme.net> To: <suse-linux-e@suse.com> Sent: Saturday, June 25, 2005 8:34 AM Subject: Re: [SLE] linux firewall or SUSE
On Fri June 24 2005 9:28 pm, James Knott wrote:
My firewall consists of SuSE 9.1, running on an old Dell computer. Works fine. well, my son is running XP, but he did have the Sygate Personal Firewall setup.He HAD a router installed, but his ISP was charging $25 a month extra for another PC, so he toook it down. I'm trying to get him to run Linux!!! Have him use a linksys router and clone the mac address from his PC on
On Sat, 2005-06-25 at 06:15 -0400, Paul Cartwright wrote: the WAN port.
-- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998
"The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Joni Hoppen wrote:
Hey guys,
I have been using the Susefirewall on suselinux 9.0 and its works perfertectly but i am in troble coz i have other machine which is running qmail and a lot of thinks that i cant reintalll sooo i would like to know if could I use SuseFirewall on Debian linux?
do you have any ideias?
Thanks A lot
Joni Hoppen
You could save your iptables rules and copy them to run under Debian. -- Ben
On Saturday 25 June 2005 16:52, Joni Hoppen wrote:
Hey guys,
I have been using the Susefirewall on suselinux 9.0 and its works perfertectly but i am in troble coz i have other machine which is running qmail and a lot of thinks that i cant reintalll sooo i would like to know if could I use SuseFirewall on Debian linux?
It should be doable. /sbin/SuSEfirewall2 is just a script that messes with iptables, and iptables rules are the same across all distros. If you copy the script/config file across, it should run (not that I have tested it or anything, I would never run Debian, but I don't see anything immediate that would cause incompatibilities)
On Saturday 25 June 2005 17:19, Anders Johansson wrote:
On Saturday 25 June 2005 16:52, Joni Hoppen wrote:
Hey guys,
I have been using the Susefirewall on suselinux 9.0 and its works perfertectly but i am in troble coz i have other machine which is running qmail and a lot of thinks that i cant reintalll sooo i would like to know if could I use SuseFirewall on Debian linux?
It should be doable. /sbin/SuSEfirewall2 is just a script that messes with iptables, and iptables rules are the same across all distros. If you copy the script/config file across, it should run (not that I have tested it or anything, I would never run Debian, but I don't see anything immediate that would cause incompatibilities) using SUSE as an iptables script generator? Would work but have you seen fwbuilder (www.fwbuilder.com)? It's a much better iptables script generator
Jerry
Op zaterdag 25 juni 2005 00:28, schreef Paul Cartwright:
My son is having problems with his ( XP ) PC. He seems to be getting smurf attacks, or something like that. I'm not sure I can sway him to run SUSE ( or any Linux distro), but I may be able to get him to run a Linux firewall on another, older, spare PC. Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box? what would be other suggestions for a Linux firewall box ? -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
http://www.clarkconnect.com smoothwall -- Richard Bos Without a home the journey is endless
Richard Bos wrote:
Op zaterdag 25 juni 2005 00:28, schreef Paul Cartwright:
My son is having problems with his ( XP ) PC. He seems to be getting smurf attacks, or something like that. I'm not sure I can sway him to run SUSE ( or any Linux distro), but I may be able to get him to run a Linux firewall on another, older, spare PC. Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box? what would be other suggestions for a Linux firewall box ? -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
http://www.clarkconnect.com smoothwall
If looking for something that doesn't require knowing or messing with cryptic stuff like NAT rules which still confuses the hell out of me, http://BBIagent.net is simplicity itself and could easily be got working without much Linux knowledge. Regards Sid. -- Sid Boyce ... Hamradio License G3VBV, Keen licensed Private Pilot Retired IBM Mainframes and Sun Servers Tech Support Specialist Microsoft Windows Free Zone - Linux used for all Computing Tasks
On 2005-06-25 12:32 Sid Boyce wrote:
Richard Bos wrote:
Op zaterdag 25 juni 2005 00:28, schreef Paul Cartwright:
My son is having problems with his ( XP ) PC. He seems to be getting smurf attacks, or something like that. I'm not sure I can sway him to run SUSE ( or any Linux distro), but I may be able to get him to run a Linux firewall on another, older, spare PC. Could he just run SUSE on this spare box and use his cablemodem from XP, through the SUSE box? what would be other suggestions for a Linux firewall box ? -- Paul Cartwright Registered Linux user # 367800 X-Request-PGP: http://home.comcast.net/~p.cartwright/wsb/key.asc
http://www.clarkconnect.com smoothwall
What's the big diff between ClarkConnect and SmoothWall? I have been using SmoothWall for quite some time, and also recommended it to our clients. Is there a side-by-side comparison available somewhere? Anders.
Op zaterdag 25 juni 2005 12:48, schreef Anders Norrbring:
What's the big diff between ClarkConnect and SmoothWall? I have been using SmoothWall for quite some time, and also recommended it to our clients. Is there a side-by-side comparison available somewhere?
Dunno. Perhaps you can compose? Would it be nice to include suse. I think suse comes with most of the goodies that specific firewall distributions provide as well. SUSE is only missing the glue to make all these things work together (there is yast of course), but it misses things like loggers and such. At least there is no install help to install just a gateway/firewall configuration. To make the confusion even bigger, have a look at endian it looks promising as well. http://www.efw.it/ And there is http://www.redwall-firewall.com/ too. -- Richard Bos Without a home the journey is endless
Op zaterdag 25 juni 2005 12:48, schreef Anders Norrbring:
Is there a side-by-side comparison available somewhere?
I found this (http://www.tomsnetworking.com/Reviews-178-ProdID-SMOOTHWALL-5.php): Since I recently reviewed ClarkConnect-another free Open Source firewall-I thought I'd offer a few points of comparison. The biggest difference between the two is that Smoothwall is designed to be a dedicated firewall only, while ClarkConnect can be a firewall, a server, or both. On the other hand, both distros are alike in that they are designed to be administered from a web based configuration utility. But I think Smoothwall's web interface is a little better laid out and easier to navigate than ClarkConnect's. And I found Smoothwall's online help system to be more helpful and complete than Clarkconnect's method of putting general descriptions alongside configuration options. In the end, both distros are reliable and will get the job done, while at the same time being easy for almost anyone to get up and running. -- Richard Bos Without a home the journey is endless
On Sunday 26 June 2005 00:01, Richard Bos wrote:
Op zaterdag 25 juni 2005 12:48, schreef Anders Norrbring:
Is there a side-by-side comparison available somewhere?
I found this (http://www.tomsnetworking.com/Reviews-178-ProdID-SMOOTHWALL-5.php): Since I recently reviewed ClarkConnect-another free Open Source firewall-I thought I'd offer a few points of comparison. The biggest difference between the two is that Smoothwall is designed to be a dedicated firewall only, while ClarkConnect can be a firewall, a server, or both. On the other hand, both distros are alike in that they are designed to be administered from a web based configuration utility.
But I think Smoothwall's web interface is a little better laid out and easier to navigate than ClarkConnect's. And I found Smoothwall's online help system to be more helpful and complete than Clarkconnect's method of putting general descriptions alongside configuration options. In the end, both distros are reliable and will get the job done, while at the same time being easy for almost anyone to get up and running.
-- Richard Bos Without a home the journey is endless Okay, and don't forget FloppyFW, in combination with fwbuilder on a another machine it's great.
Jerry
Jerry Westrick wrote:
On Sunday 26 June 2005 00:01, Richard Bos wrote:
Op zaterdag 25 juni 2005 12:48, schreef Anders Norrbring:
Is there a side-by-side comparison available somewhere?
I found this (http://www.tomsnetworking.com/Reviews-178-ProdID-SMOOTHWALL-5.php): Since I recently reviewed ClarkConnect-another free Open Source firewall-I thought I'd offer a few points of comparison. The biggest difference between the two is that Smoothwall is designed to be a dedicated firewall only, while ClarkConnect can be a firewall, a server, or both. On the other hand, both distros are alike in that they are designed to be administered from a web based configuration utility.
But I think Smoothwall's web interface is a little better laid out and easier to navigate than ClarkConnect's. And I found Smoothwall's online help system to be more helpful and complete than Clarkconnect's method of putting general descriptions alongside configuration options. In the end, both distros are reliable and will get the job done, while at the same time being easy for almost anyone to get up and running.
-- Richard Bos Without a home the journey is endless
Okay, and don't forget FloppyFW, in combination with fwbuilder on a another machine it's great.
Jerry
That's what I started out with, then I had a problem getting some ports through and I thought I was doing everything right. No reply from the floppFW author to my email, so I googled around, found and switched to BBIagent (Linux-2.4.30 based) also on a floppy which worked first time and needed only some ticks in boxes, IP addresses and ports - they don't come any simpler. Perhaps fwbuilder if available at the time would have sorted all that out. I had a very brief look at the combination recently and decided BBIagent setup was less involved. If you go to http://BBIagent.net you can do the demo (select Applet or Plugin, etc.), password is BBIagent and you can see the sorts of things you can do via "Virtual Services", "Access Control", "Security Control" etc. You can also add/modify/delete stuff in the demo so you can see what it is like on your box and it's realtime, you don't have to take it down to do modifications, e.g if you open a port to one of your boxes and you decide to change to another box or port, you just hightlight the entry in "Virtual Services" and "Access Control", modify the stuff in the setup boxes at the top, hit the Modify button and that's done, that's the way I've been able to switch gnomemeting, gtk-gnutella and hamradio VOIP progs from one box to another when one kicks the can or has to have new hardware or a distro installed. Regards Sid. -- Sid Boyce ... Hamradio License G3VBV, Keen licensed Private Pilot Retired IBM Mainframes and Sun Servers Tech Support Specialist Microsoft Windows Free Zone - Linux used for all Computing Tasks
On Monday 27 June 2005 14:29, Sid Boyce wrote:
That's what I started out with, then I had a problem getting some ports through and I thought I was doing everything right. No reply from the floppFW author to my email, so I googled around, found and switched to BBIagent (Linux-2.4.30 based) also on a floppy which worked first time and needed only some ticks in boxes, IP addresses and ports - they don't come any simpler. <snip> Regards Sid. -- Sid Boyce ... Hamradio License G3VBV, Keen licensed Private Pilot Retired IBM Mainframes and Sun Servers Tech Support Specialist Microsoft Windows Free Zone - Linux used for all Computing Tasks Thx for the heads-up... sill look into it... Jerry
participants (14)
-
Anders Johansson -
Anders Norrbring -
Ben Preston -
Christopher Shanahan -
Cristian Rodriguez -
James Knott -
Jerry Westrick -
Joni Hoppen -
Ken Schneider -
Mike McMullin -
Patrick Shanahan -
Paul Cartwright -
Richard Bos -
Sid Boyce