Linux Firewall

Discussion in 'Computer Security' started by AJ, May 26, 2004.

  1. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    My boss has just given me a nice little job. At the moment we run an all singing all dancing firewall that sits there and does it all for us. We don't however have any backup procedures for it in case it pops its clogs. He wants me to have a look at running a Linux box using IPTables. Never mind having never used Linux, IPtables????

    No seriously, got a Red Hat 9 box with a lot of documentation on to read all about iptables and routing. Gonna put 3 NICs into the box for the green, orange and red interfaces.

    Anyone got any suggestions for the Linux newbie here?

    I would appreciate ANY help or pointers in the right direction.
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  2. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    Lots of new firewalls are built on Linux anyway, but are a tad easier to use,
    although not all are free for commercial use.

    Check out smoothwall and astaro.
    I wouldn't advise using iptables as a backup unless you actually knew what you were doing, wouldn't be much use in the event of a failure if everything didn't go according to plan :)
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  3. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    Tried smoothwall and ipcop. They were ok but had one big drawback. Being a school we have to monitor everything that the kids look at and the firewall is set up so that it blocks port 80 and then sends that through to the proxy server. There just did not seem to be a way to monitor traffic going out and then redirect it. It seems that it accepts that traffic going externally is by default OK and sends it through. If we can't do that then the kids will be able to bypass the proxy server and it's hello porn city.
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
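
The egress policy described in post 3 (port 80 from the LAN is never forwarded directly, only via the proxy) can be expressed as an iptables ruleset. This is an added example, not from any poster in the thread; the interface names, proxy address and proxy port are assumptions, and the DNAT rule assumes the proxy is configured to accept intercepted requests.

```shell
#!/bin/sh
# Added example: forced-proxy egress rules for a three-NIC iptables box.
# Interface names, proxy address and proxy port are assumptions.
GREEN_IF="${GREEN_IF:-eth0}"          # internal LAN (assumed name)
ORANGE_IF="${ORANGE_IF:-eth1}"        # DMZ holding the proxy (assumed name)
RED_IF="${RED_IF:-eth2}"              # Internet side (assumed name)
PROXY_IP="${PROXY_IP:-192.168.2.10}"  # constructed sample address
PROXY_PORT="${PROXY_PORT:-3128}"      # assumed proxy listener port

# Print the ruleset in iptables-restore format so it can be reviewed
# first and then loaded with: gen_rules | iptables-restore
gen_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Port 80 arriving from the LAN is rewritten to the proxy listener
-A PREROUTING -i $GREEN_IF -p tcp --dport 80 -j DNAT --to-destination $PROXY_IP:$PROXY_PORT
-A POSTROUTING -o $RED_IF -j MASQUERADE
COMMIT
*filter
# INPUT is default-deny: add a management rule before loading remotely
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# LAN clients may reach only the proxy listener in the DMZ
-A FORWARD -i $GREEN_IF -o $ORANGE_IF -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT
# Only the proxy itself may open web connections to the Internet
-A FORWARD -i $ORANGE_IF -o $RED_IF -s $PROXY_IP -p tcp -m multiport --dports 80,443 -j ACCEPT
# Any direct LAN-to-Internet attempt is logged, then falls to the DROP policy
-A FORWARD -i $GREEN_IF -o $RED_IF -j LOG --log-prefix "GREEN-DIRECT: "
COMMIT
EOF
}
```

Because the FORWARD policy is DROP and no rule accepts green-to-red traffic, a client that ignores the proxy gets no route out, and the attempt shows up in the kernel log under the `GREEN-DIRECT: ` prefix.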
  4. Sandy

    Sandy Ex-Member

    The Red Hat documentation is good; you should have no problems. :P
     
  5. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    Just reading now, thanks Sandy.
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
