Here are 3 projects that I have become familiar with that really stood out compared with all the others.

m0n0wall
http://m0n0.ch/wall/
I use m0n0wall at home for a VPN to my office. I am dependent on this VPN for VOIP as well. Since September I have not had one single
issue. M0n0wall runs off of a CD, using a floppy to read the config at boot, although there is a method to install onto a hard drive.

pfSense
http://www.pfsense.com/
pfSense is a branch of m0n0wall that installs directly onto a hard drive. More importantly, it allows the option of installing
additional packages. Another thing is pfSense is fairly simple to install.

Endian
http://www.efw.it/
Endian has a few nice features such as IDS. I had issues with the VPN capabilities that had more to do with the other endpoint's
device. But other than that it has worked very well for me.

Ideally you will want to put the firewall right after the modem. The Linksys is placed after; keep in mind at this point you can just
set up the wireless as an access point and not a router. This would be advantageous in the long term if problems arise. Also, if you
planned on opening up any services such as a webserver you may experience at first some difficulty setting up the pass through
(depending on your familiarity with setting up services to the internet).

This is how I would recommend you have things set up:

1.) Modem> PII 350 pc w/ 2 network interface cards (1 connected to the modem, 1 to the Linksys). 
2.) Configure the Linksys to act as an access point and not a router. At this point the Linksys just becomes another device on the
network and creates one less dependency for internet access for non wireless devices.
3.) Be sure to configure the PC firewall to act as the DHCP/DNS provider. 
4.) If you choose Endian or IPCop, check out snort.org for the IDS features. 


Also, be sure to check and harden your wifi settings. For the Linksys, you should have WPA-PSK available; if not, at the very least try
to use the highest security available compatible with the wifi cards in the computers. If for some reason the wifi utility does
not have higher security settings, be sure to check the MFR's website for updates.

WPA-PSK Key Generator
http://www.kurtm.net/wpa-pskgen/
https://www.grc.com/passwords

Sean Waite
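
An offline equivalent of the WPA-PSK key generators linked above, as an added example that is not part of the original message: it draws a full-length random passphrase and shows how WPA/WPA2-PSK turns it into the 256-bit key, with the SSID acting as the salt. The SSID "home-ap" and the function names are assumptions made for illustration.

```python
import hashlib
import secrets
import string

# Printable ASCII without the space character; a WPA-PSK passphrase may use
# any printable ASCII, this subset just avoids copy/paste trouble with spaces.
PASSPHRASE_ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_passphrase(length=63):
    """Return a random WPA-PSK passphrase (8 to 63 characters allowed)."""
    if not 8 <= length <= 63:
        raise ValueError("WPA-PSK passphrases are 8 to 63 characters long")
    # secrets uses the OS CSPRNG, unlike the random module.
    return "".join(secrets.choice(PASSPHRASE_ALPHABET) for _ in range(length))


def derive_psk(passphrase, ssid):
    """Derive the 256-bit pre-shared key as WPA/WPA2-PSK does:
    PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32-byte output."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA-PSK passphrases are 8 to 63 characters long")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)


if __name__ == "__main__":
    ssid = "home-ap"  # constructed sample SSID, not from the original message
    passphrase = generate_passphrase()
    print("passphrase:", passphrase)
    print("256-bit PSK:", derive_psk(passphrase, ssid).hex())
    # The same passphrase under a different SSID yields a different key,
    # so a common default SSID makes precomputed guessing tables reusable.
    print("other SSID :", derive_psk(passphrase, "linksys").hex())
```

Because the derivation is deterministic and only 4096 iterations deep, the key is only as hard to guess as the passphrase, which is why a long random one matters.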


-----Original Message-----
From: "G J" <iipreca at hotmail.com>
To: tclug-list at mn-linux.org
Date: Wed, 25 Jan 2006 20:29:53 -0600
Subject: [tclug-list] Firewall questions (newbie)

> I have a Linksys WRT54G wireless router/switch coming off of my satellite 
> modem, which goes into 2-3 machines. I have an older PII 350 MHz that I 
> would like to turn into a hardware firewall. Can I put it between the modem 
> and the Linksys on the "internet" side of the Linksys, or do I have to put 
> it between the Linksys and the rest of my machines? I would like to keep the 
> Linksys in the loop since it of course has extra firewall capabilities in it 
> already.
>    Second question is what do you guys recommend I use as a firewall, I have 
> RH Fedora Core 4 but it seems there are other "hardened" SELINUX versions 
> out there, any input is appreciated.
> 
> Jesse