
Linux Firewall

Discussion in 'Computer Security' started by AJ, May 26, 2004.

  1. AJ

    AJ Administrator Administrator

    My boss has just given me a nice little job. At the moment we run an all singing all dancing firewall that sits there and does it all for us. We don't however have any backup procedures for it in case it pops its clogs. He wants me to have a look at running a Linux box using IPTables. Never mind having never used Linux, IPtables????

    No seriously, got a Red Hat 9 box with a lot of documentation on to read all about iptables and routing. Gonna put 3 NICs into the box for the green, orange and red interfaces.

    Anyone got any suggestions for the Linux newbie here?

    I would appreciate ANY help or pointers in the right direction
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Looking at doing ..................
  2. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    lots of new firewalls are built on linux anyway, but are a tad easier to use
    although not all are free for commercial use

    check out smoothwall and astaro
    i wouldn't advise using iptables as a backup unless you actually knew what you were doing, wouldn't be much use in the event of a failure if everything didn't go according to plan :)
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  3. AJ

    AJ Administrator Administrator

    Tried smoothwall and ipcop. They were ok but had one big drawback. Being a school we have to monitor everything that the kids look at and the firewall is set up so that it blocks port 80 and then sends that through to the proxy server. There just did not seem to be a way to monitor traffic going out and then redirect it. It seems that it accepts that traffic going externally is by default OK and sends it through. If we can't do that then the kids will be able to bypass the proxy server and it's hello porn city.
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Looking at doing ..................
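
    The setup described in the post above (port 80 from the green network forced through the proxy, nothing outbound allowed by default) can be expressed as an iptables ruleset. This is an added example, not part of the original thread: the function name `gen_rules`, the interface names, the proxy address and port, and the choice to place the proxy on the orange network are all assumptions, and the proxy itself must be configured to accept intercepted traffic.

```shell
#!/bin/sh
# Added example (constructed). Prints an iptables-restore ruleset for a
# three-NIC firewall; nothing is applied until the output is piped to
# iptables-restore by an administrator.
# Args: green_if orange_if red_if proxy_ip proxy_port (all hypothetical values).
gen_rules() {
    # Refuse to emit a half-built ruleset.
    [ $# -eq 5 ] || { echo "usage: gen_rules GREEN ORANGE RED PROXY_IP PROXY_PORT" >&2; return 1; }
    green=$1 orange=$2 red=$3 proxy_ip=$4 proxy_port=$5
    case $proxy_port in
        ''|*[!0-9]*) echo "proxy port must be numeric" >&2; return 1 ;;
    esac
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Any web request leaving green is rewritten to land on the proxy.
-A PREROUTING -i $green -p tcp --dport 80 -j DNAT --to-destination $proxy_ip:$proxy_port
# Assumption: private addressing inside, so hide it behind the red address.
-A POSTROUTING -o $red -j MASQUERADE
COMMIT
*filter
# Default deny: forwarded traffic passes only if a rule below allows it.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Green clients may reach the proxy (directly or via the DNAT above).
-A FORWARD -i $green -o $orange -d $proxy_ip -p tcp --dport $proxy_port -j ACCEPT
# Only the proxy may fetch web pages from the outside.
-A FORWARD -i $orange -o $red -s $proxy_ip -p tcp --dport 80 -j ACCEPT
# Anything else heading straight from green to red is logged, then
# dropped by the FORWARD policy, so bypass attempts are visible.
-A FORWARD -i $green -o $red -j LOG --log-prefix "GREEN-DIRECT "
COMMIT
EOF
}
```

    Other services the network needs (DNS for the proxy, mail, and so on) each need their own explicit FORWARD rule, since the default policy drops them.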
  4. Sandy

    Sandy Ex-Member

    The RedHat documentation is good, you should have no problems. :P
     
  5. AJ

    AJ Administrator Administrator

    Just reading now thanks Sandy.
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Looking at doing ..................
