[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Firewall Questions



On Tuesday 12 April 2005 05:50 pm, kevin kempter dataintellect com wrote:
> Hi All;
>
> For several years now I've been using the Astaro Firewall solution for my
> home network (http://www.astaro.com/). It requires it's own box with 2 nic
> cards and serves up IP's for the network behind the firewall. It's been a
> great solution however I wonder if there is an open source equivalent
> available. I never use the Fedora firewall because I'm almost always behind
> the main firewall on my home network or behind some corporate firewall.
>
Even behind the "corperate firewall" one can be attacked.

> I would like to find a tool capable of the following:
> 1. the ability to act as a domain firewall (maybe domain is not the correct
> term?) with the ability to serve up IP's for the users behind the firewall
> and provide access both to the internet and to each other within the
> network
>
Linux was born (>literally<) on the internet.
> 2. The ability to provide some sort of surf content filtering to keep my
> teenagers from being exposed to crap via the web
>
Yes the name of the main one escapes me at the moment. But here are some to 
look at;
http://www.zone-h.com/download/file=1429/
http://www.rogala.3d.pl/en/aldebaran.htm
http://www.aimsniff.com/
http://www.packetfactory.net/ngrep/
http://ngrep.datasurge.net/
http://www.quaking.demon.co.uk/ksnuffle.html

> 3. th ability to setup M$ style vpn access
>
Yes
> 4. something that's easy to administer
>
Shorewall and iptables is a supurb firewall system that is tied to the linux 
kernel. Shorwall allows you to modify iptables in a faitly intuitive fashion.

> 5. we generally are a Linux - only network save a few dual boot boxes for
> the sole purpose of playing multi-player games. It would be nice if I could
> prohibit any of the M$ installs from ever visiting the web but at the same
> time allow within-network access to each other so multi-player games would
> still work without acquiring an M$ based virus for every 10 minutes of game
> time.
>
IMHO You should be able to block anything -- by content -- from any box -- 
with a bit of learning curve.

> Thanks in advance for any suggestions...

-- 
John H Ludwig


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]