Re: Firewall suggestions?
On Wed, 13 Feb 2008 15:45:48 +0000
Matthew Macdonald-Wallace <mmw@tiger-computing.co.uk> wrote:
> On Wed, 13 Feb 2008 09:27:56 -0600
> "Dennis G. Wicks" <wix@eskimo.com> wrote:
>
> > Greetings!
> >
> > It seems the time has come to build a dedicated
> > firewall machine for myself. The win 2k machine I have
> > been using is getting too flaky.
> >
> > I have a P-II HP box that was a pretty solid performer
> > that I think will do for the hardware. (Agree/disagree?)
> >
> > I need some suggestions for the firewall software,
> > running on Debian, of course! No sense reinventing the
> > wheel.
> >
> > I need something that either includes http/ftp proxy or
> > something else that will provide that service. Also
> > socks 4/5 and probably a virus/adware scanner too.
> >
> > Thanks for any suggestions and/or pointers to recent
> > resources on the subject!
>
> Shorewall all the way!!! :O)
>
> www.shorewall.net - its as easy or as difficult as you want to make
> it!
>
> Cheers,
>
> M.
Sorry, didn't read the full post:
Proxy == Squid
Virus == ClamAV/Amavisd
Ad-aware/content filtering == dansguardian
I'd recommend the PII has two network interfaces in it, a "RED" for the
internet connection and a "GREEN" for the LAN. If you're going to run
your own Mail/DNS servers, you could add a third interface as an
"AMBER" for a De-Militarised Zone (DMZ) and put the public facing
servers on that net segment.
HTH,
M.
--
|Matthew Macdonald-Wallace
|Tiger Computing Ltd
|"The Linux Specialists"
|
|Tel: 0845 373 3579
|Web: http://www.tiger-computing.co.uk
|
|Registered in England. Company number: 3389961
|Registered address: Wyastone Business Park,
| Wyastone Leys, Monmouth, NP25 3SR
Reply to: