Security--The next level [Archive] - Glock Talk

PDA

View Full Version : Security--The next level


mhambi
12-27-2004, 16:29
Attached is a drawring of my 'simple' network.


Up to this point, I've been relying on the limited 'router/firewall' properties of the DSL modem. The Win boxes have software firewalls.


What steps would you take next to insure an intrusion free network? Especially for the Redhat Server. Cost is an issue. (;Q )


Thanks! :)

fastvfr
12-27-2004, 16:43
Use only one port from the DSL Router and instead use a small PC running SmoothWall or IPCOP between it and the switch.

That's going to work much better for you, and far more securely, than NAT by itself.

LOSE THE INTERNET EXPLODER. Man, will YOU have problems keeping up with all the garbage if they aren't all running Firefox!!

"-Virus software on each desktop (hopefully)-"

'Hopefully'?! Why 'hopefully'? Just do it.

And why not use the RH server for the printer server as well?

Have fun!!

mhambi
12-27-2004, 16:59
Originally posted by fastvfr
Use only one port from the DSL Router and instead use a small PC running SmoothWall or IPCOP between it and the switch.

That's going to work much better for you, and far more securely, than NAT by itself.

LOSE THE INTERNET EXPLODER. Man, will YOU have problems keeping up with all the garbage if they aren't all running Firefox!!

"-Virus software on each desktop (hopefully)-"

'Hopefully'?! Why 'hopefully'? Just do it.

And why not use the RH server for the printer server as well?

Have fun!!


:) I was to lazy to change the picture. When I inherited this little 'project', I was unsure of the AV status on every machine...hence the 'hopefully'. Hopefully is gone now. ;)


Do you have a preference between IPCop and Smoothwall?

Good tip on the IE, would like to nuke Outlook as well...

Washington,D.C.
12-27-2004, 19:11
I've used IPCop the most.So it's the one I'm used to using but Smoothwall might have a few more features.The developer of IPCop has quit working on IPCop very recently.There may not be anymore versions available.Current version is 1.4.2 and is very up to date.There is also Devil-Linux,it started as a firewall but has grown to have more server functions.I used Smoothwall before I used IPCop and I liked the easy use of IPCop.Some people claim Smoothwall is more secure than IPCop.Don't forget to check out Devil-Linux.

lomfs24
12-27-2004, 20:24
Originally posted by fastvfr
Use only one port from the DSL Router and instead use a small PC running SmoothWall or IPCOP between it and the switch.



Agreed, one great small platform could be a Linksys WRT54GS router that has been changed with the OpenWRT project or similar OS. It is a small computer/switch/router running linux and you can pretty much do anything you want with it. Packages and applications are plentyful.