Ron Johnson on 19/09/05 03:20, wrote:
On Sun, 2005-09-18 at 21:30 -0400, Matt LaPlante wrote:
For some time now, I've been experimenting with the implementation of Linux
as a cheap yet powerful routing and firewall solution. I've found that a
basic Linux platform can be rather easily customized
On Sun, 2005-09-18 at 21:30 -0400, Matt LaPlante wrote:
> For some time now, I've been experimenting with the implementation of Linux
> as a cheap yet powerful routing and firewall solution. I've found that a
> basic Linux platform can be rather easily customized to provide extremely
> cheap and po
For some time now, I've been experimenting with the implementation of Linux
as a cheap yet powerful routing and firewall solution. I've found that a
basic Linux platform can be rather easily customized to provide extremely
cheap and powerful firewalls for any home or small office environment. I've
On Fri, 2004-01-02 at 08:51, Sneppe Filip wrote:
> Hi Stephen,
>
> I am replying privately because I currently have only MS Outlook Web
> Access to my
> mailbox and hence am replying with html mail. My appologies. I don't
> want to annoy
> the list with this, so ...
Fair 'nuff ;)
> What IP adr
On Mon, Aug 04, 2003 at 10:49:47AM +0100, Karsten M. Self wrote:
>
> Incidentally, how much space are you dedicating to your Squid cache? I
> know that this can't be assigned directly, so either the segment size,
> or net use (du -s on cache) would be useful.
Currently (offline) /var/spool/squid
On Mon, 2003-08-04 at 06:32, Paul Johnson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Mon, Aug 04, 2003 at 10:49:47AM +0100, Karsten M. Self wrote:
> > Incidentally, how much space are you dedicating to your Squid cache? I
> > know that this can't be assigned directly, so eith
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Aug 04, 2003 at 10:49:47AM +0100, Karsten M. Self wrote:
> Incidentally, how much space are you dedicating to your Squid cache? I
> know that this can't be assigned directly, so either the segment size,
> or net use (du -s on cache) would be u
on Sun, Aug 03, 2003 at 08:24:14PM +0100, Pigeon ([EMAIL PROTECTED]) wrote:
> On Sat, Aug 02, 2003 at 09:18:22PM -0700, Paul Johnson wrote:
> > On Fri, Aug 01, 2003 at 06:14:12PM +0100, Pigeon wrote:
> > > In order to make it work, I didn't have to touch anything in squid's
> > > own config, just p
on Fri, Aug 01, 2003 at 01:55:39AM -0700, Loren M Lang ([EMAIL PROTECTED]) wrote:
> Does anyone have recommendations about linux vs. openbsd? I have
> always used linux for everything and propably still will for the most
> part, but for security, would it be better to use openbsd? - From
> what
On Sat, Aug 02, 2003 at 09:18:22PM -0700, Paul Johnson wrote:
> On Fri, Aug 01, 2003 at 06:14:12PM +0100, Pigeon wrote:
> > In order to make it work, I didn't have to touch anything in squid's
> > own config, just put appropriate gateway entries in the machines'
> > /etc/network/interfaces and prox
On 3 Aug 2003, Ron Johnson wrote:
> On Sun, 2003-08-03 at 01:50, Alvin Oga wrote:
...
> > f) if you allow vpn from home and wireless access to internal servers
> >than you've got some serious "network security policy and enforcement"
> >problems
>
> Not as much as you might think.
i'd
On Sun, 2003-08-03 at 01:50, Alvin Oga wrote:
> hi ya
>
> On Sun, 3 Aug 2003, David Fokkema wrote:
>
> > On Sat, Aug 02, 2003 at 09:16:54PM -0700, Paul Johnson wrote:
[snip]
> f) if you allow vpn from home and wireless access to internal servers
>than you've got some serious "network security
hi ya
On Sun, 3 Aug 2003, David Fokkema wrote:
> On Sat, Aug 02, 2003 at 09:16:54PM -0700, Paul Johnson wrote:
> > On Fri, Aug 01, 2003 at 09:04:50PM +0200, David Fokkema wrote:
> > > How large is the risk? If someone is able to crack your firewall box, how
> > > much more trouble is it to crack
On Sat, Aug 02, 2003 at 09:19:00PM -0700, Paul Johnson wrote:
> On Fri, Aug 01, 2003 at 09:33:21PM +0200, David Fokkema wrote:
> > Why Sid?
>
> It's a home network and I'm a member of the lunatic fringe?
Ah, well that explains it, :-)
David
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with
On Sat, Aug 02, 2003 at 09:16:54PM -0700, Paul Johnson wrote:
> On Fri, Aug 01, 2003 at 09:04:50PM +0200, David Fokkema wrote:
> > How large is the risk? If someone is able to crack your firewall box, how
> > much more trouble is it to crack your DNS/DHCP/Squid server?
>
> That has too many variab
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Aug 01, 2003 at 09:33:21PM +0200, David Fokkema wrote:
> Why Sid?
It's a home network and I'm a member of the lunatic fringe?
- --
.''`. Paul Johnson <[EMAIL PROTECTED]>
: :' :proud Debian admin and user
`. `'`
`- Debian - when
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Aug 01, 2003 at 06:14:12PM +0100, Pigeon wrote:
> In order to make it work, I didn't have to touch anything in squid's
> own config, just put appropriate gateway entries in the machines'
> /etc/network/interfaces and proxy entries in my browser
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Aug 01, 2003 at 09:04:50PM +0200, David Fokkema wrote:
> How large is the risk? If someone is able to crack your firewall box, how
> much more trouble is it to crack your DNS/DHCP/Squid server?
That has too many variables to properly answer fo
On Fri, Aug 01, 2003 at 03:27:35AM -0400, Tom Allison wrote:
> Mark Ferlatte wrote:
>
> >For any small (read: DS3 or less), a PC based firewall will perform just as
> >well as a hardware firewall. On the other hand, do you _want_ to be paged
> >at
> >4am because your PC based firewall ate a disk
On Fri, Aug 01, 2003 at 05:30:27AM -0700, Paul Johnson wrote:
> On Fri, Aug 01, 2003 at 03:03:23AM -0700, Steve Lamb wrote:
> > Oddly enough I'd argue that those are wasted on a router. :)
>
> My current router is a Debian Sid box on an old HP Spectra 486. It
> handles DNS for my internal ne
On Fri, Aug 01, 2003 at 05:30:27AM -0700, Paul Johnson wrote:
> On Fri, Aug 01, 2003 at 03:03:23AM -0700, Steve Lamb wrote:
> > Oddly enough I'd argue that those are wasted on a router. :)
>
> My current router is a Debian Sid box on an old HP Spectra 486. It
> handles DNS for my internal ne
On Fri, Aug 01, 2003 at 05:38:15AM -0700, Paul Johnson wrote:
> On Fri, Aug 01, 2003 at 07:22:40AM -0500, Ron Johnson wrote:
> > Wouldn't the DNS, DHCP, DHCP and Squid be on another box anyway?
>
> Optimally, yes, however if you're careful and you know what you're
> doing, you can make an almost a
On Fri, Aug 01, 2003 at 07:11:18AM -0400, Tom Allison wrote:
> Steve Lamb wrote:
> >On Fri, 01 Aug 2003 03:11:46 -0400 Tom Allison wrote:
> >
> > > These take an existing computer (Pentium 200 with 64MB RAM and 1GB
> > > hard drive, some would argue it's hardly worth pulling from the
> > > dumpster
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Aug 01, 2003 at 07:22:40AM -0500, Ron Johnson wrote:
> Wouldn't the DNS, DHCP, DHCP and Squid be on another box anyway?
Optimally, yes, however if you're careful and you know what you're
doing, you can make an almost as secure (read: just as s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Aug 01, 2003 at 03:03:23AM -0700, Steve Lamb wrote:
> Oddly enough I'd argue that those are wasted on a router. :)
My current router is a Debian Sid box on an old HP Spectra 486. It
handles DNS for my internal network as well. Optimally
On Fri, 2003-08-01 at 02:21, Tom Allison wrote:
> Ron Johnson wrote:
> > On Thu, 2003-07-31 at 08:30, Rex Chan wrote:
> >
> >>On Thu, Jul 31, 2003 at 08:50:21PM +0800, Robert Storey wrote:
> >
> > [snip]
> >
> >>The advantage of hardware firewall - most likely speed -
> >>specialised hardware t
On Fri, 2003-08-01 at 01:50, Alvin Oga wrote:
> On 31 Jul 2003, Ron Johnson wrote:
>
> ..
>
> > My neighbor is a network administrator for a *large* Windows site
> > (10,000+ PCs), and he told me that the mail and firewall servers
> > had bad stability problems until he stuffed them full of RAM.
Steve Lamb wrote:
On Fri, 01 Aug 2003 03:11:46 -0400
Tom Allison <[EMAIL PROTECTED]> wrote:
These take an existing computer (Pentium 200 with 64MB RAM and 1GB hard
drive, some would argue it's hardly worth pulling from the dumpster).
Oddly enough I'd argue that those are wasted on a router.
Paul Johnson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please avoid top-posting.
On Thu, Jul 31, 2003 at 09:25:33AM -0500, DePriest, Jason R. wrote:
But, use a desktop
firewall/IDS/IPS/whatever-they-decide-to-call-them-next system for
your end-users, as well. Windows XP has this built
Paul Johnson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Aug 01, 2003 at 03:21:57AM -0400, Tom Allison wrote:
This is assuming you are under 256 users on a subnet.
Why would it be a problem with more?
I don't know that it would and am doubtful that it would.
But I'm certain of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please avoid top-posting.
On Thu, Jul 31, 2003 at 09:25:33AM -0500, DePriest, Jason R. wrote:
> But, use a desktop
> firewall/IDS/IPS/whatever-they-decide-to-call-them-next system for
> your end-users, as well. Windows XP has this built-in (I think t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Jul 31, 2003 at 01:21:23PM -0500, Jesse Meyer wrote:
> Because of such concerns, for small networks, I would recommend a
> low-end x86 machine with a stripped down install of linux - basically,
> iptables and ssh. For complicated routing, you'
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Aug 01, 2003 at 03:21:57AM -0400, Tom Allison wrote:
> This is assuming you are under 256 users on a subnet.
Why would it be a problem with more?
- --
.''`. Paul Johnson <[EMAIL PROTECTED]>
: :' :proud Debian admin and user
`. `'`
On Fri, 01 Aug 2003 03:11:46 -0400
Tom Allison <[EMAIL PROTECTED]> wrote:
> These take an existing computer (Pentium 200 with 64MB RAM and 1GB hard
> drive, some would argue it's hardly worth pulling from the dumpster).
Oddly enough I'd argue that those are wasted on a router. :)
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Does anyone have recommendations about linux vs. openbsd? I have
always used linux for everything and propably still will for the
most part, but for security, would it be better to use openbsd?
- From what I hear, openbsd is a variant off of netbsd,
[EMAIL PROTECTED] wrote:
"Andre Volmensky" <[EMAIL PROTECTED]> writes:
I have to put forward an argument to management regarding setting up a
firewall on some of our clients networks.
What are the advantages of a linux firewall over something like Windows
with WinRoute on it, or
Mark Ferlatte wrote:
For any small (read: DS3 or less), a PC based firewall will perform just as
well as a hardware firewall. On the other hand, do you _want_ to be paged at
4am because your PC based firewall ate a disk?
Don't know.
My disk is 8 years old and still spinning.
If the only thing I h
Ron Johnson wrote:
On Thu, 2003-07-31 at 08:30, Rex Chan wrote:
On Thu, Jul 31, 2003 at 08:50:21PM +0800, Robert Storey wrote:
[snip]
The advantage of hardware firewall - most likely speed -
specialised hardware to deal with packet processing and the like.
So if a P2-233 w/ 32MB RAM doesn't ha
Robert Storey wrote:
A Linux-based firewall is probably good enough for the average home
hobbyist, but in a professional environment it doesn't pay to "save
money" by recycling an old PC with Linux installed in place of a router.
regards,
Robert
That's a silly thing to say when you consider that ma
Andre Volmensky wrote:
Hello all,
I have to put forward an argument to management regarding setting up a
firewall on some of our clients networks.
What are the advantages of a linux firewall over something like Windows
with WinRoute on it, or even a hardware based firewall. What are the
On 31 Jul 2003, Ron Johnson wrote:
..
> My neighbor is a network administrator for a *large* Windows site
> (10,000+ PCs), and he told me that the mail and firewall servers
> had bad stability problems until he stuffed them full of RAM.
my interpretation would be...
it says that windoze has a
to put forward an argument to management regarding setting up a
> > > firewall on some of our clients networks.
> > >
> > > What are the advantages of a linux firewall over something like
> > > Windows with WinRoute on it, or even a hardware based firewall. What
> "Andre Volmensky" <[EMAIL PROTECTED]> writes:
> > I have to put forward an argument to management regarding setting up a
> > firewall on some of our clients networks.
> >
> > What are the advantages of a linux firewall over something like Windows
> &
"Andre Volmensky" <[EMAIL PROTECTED]> writes:
> I have to put forward an argument to management regarding setting up a
> firewall on some of our clients networks.
>
> What are the advantages of a linux firewall over something like Windows
> with WinRoute on it, or
Ron Johnson wrote:
> On Thu, 2003-07-31 at 07:50, Robert Storey wrote:
>> On Thu, 31 Jul 2003 16:11:14 +1000
>> Furthermore, Intel-based PCs have some well-known exploits
>> (such as buffer overflows) which are a function of the hardware and
>> there is no real cure because changing the C
On Thu, 31 Jul 2003, Ron Johnson wrote:
>
> > Furthermore, Intel-based PCs have some well-known exploits
> > (such as buffer overflows) which are a function of the hardware and
> > there is no real cure because changing the CPU instructions would break
> > backward compatibility.
>
> Bzz
On Thu, 2003-07-31 at 11:29, Mark Ferlatte wrote:
> Andre Volmensky said on Thu, Jul 31, 2003 at 04:11:14PM +1000:
> > What are the advantages of a linux firewall over something like Windows
> > with WinRoute on it, or even a hardware based firewall. What are the
> > disadvant
Andre Volmensky said on Thu, Jul 31, 2003 at 04:11:14PM +1000:
> What are the advantages of a linux firewall over something like Windows
> with WinRoute on it, or even a hardware based firewall. What are the
> disadvantages etc. I know I am asking on a linux users mailing list, but
>
d might be effective. But
you still have Windows sitting underneath it.
-Original Message-
From: Andre Volmensky [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 31, 2003 1:12 AM
To: [EMAIL PROTECTED]
Subject: Linux firewall vs Windows and Hardware based firewalls
Hello all,
I have to put fo
On Thu, 2003-07-31 at 08:30, Rex Chan wrote:
> On Thu, Jul 31, 2003 at 08:50:21PM +0800, Robert Storey wrote:
[snip]
> The advantage of hardware firewall - most likely speed -
> specialised hardware to deal with packet processing and the like.
So if a P2-233 w/ 32MB RAM doesn't handle it, try som
n some of our clients networks.
> >
> > What are the advantages of a linux firewall over something like
> > Windows with WinRoute on it, or even a hardware based firewall. What
> > are the disadvantages etc. I know I am asking on a linux users mailing
> > list, bu
On Thu, Jul 31, 2003 at 08:50:21PM +0800, Robert Storey wrote:
> Everything I've ever read indicates that a hardware-based firewall is
> more secure and reliable than an PC operating system, be it Linux or
> Windows. A PC OS has to be complex because it has so many functions to
> perform, but that
On Thu, 31 Jul 2003 16:11:14 +1000
"Andre Volmensky" <[EMAIL PROTECTED]> wrote:
> Hello all,
>
> I have to put forward an argument to management regarding setting up a
> firewall on some of our clients networks.
>
> What are the advantages of a linux firewall
On Thu, 2003-07-31 at 04:49, Paul Johnson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Thu, Jul 31, 2003 at 01:57:00AM -0500, Ron Johnson wrote:
> > Vs. Windows:
> > - stability: you can make a Win2k box as stable as a "Unix" box
> > only by adding lots more RAM.
>
> And even
On Thu, 31 Jul 2003, Kjetil Kjernsmo wrote:
>
> The floppy is from the Coyote Linux project: http://www.coyotelinux.com/
> but you could try floppyfw too http://www.zelow.no/floppyfw/
> I couldn't get it to work with my DSL provider, which is strange since
> I'm using the same provider as the
On Thursday 31 July 2003 08:11, Andre Volmensky wrote:
> What are the advantages of a linux firewall over something like
> Windows with WinRoute on it, or even a hardware based firewall. What
> are the disadvantages etc. I know I am asking on a linux users
> mailing list, but I wou
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Jul 31, 2003 at 01:57:00AM -0500, Ron Johnson wrote:
> Vs. Windows:
> - stability: you can make a Win2k box as stable as a "Unix" box
> only by adding lots more RAM.
And even then, no gaurantees that the box will be reliable for very
long if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Jul 31, 2003 at 04:11:14PM +1000, Andre Volmensky wrote:
> What are the advantages of a linux firewall over something like Windows
> with WinRoute on it, or even a hardware based firewall.
If by "hardware based firewall"
On Thu, 31 Jul 2003 16:11:14 +1000
"Andre Volmensky" <[EMAIL PROTECTED]> wrote:
> What are the advantages of a linux firewall over something like Windows
> with WinRoute on it, or even a hardware based firewall. What are the
> disadvantages etc. I know I am asking on a
On Thu, 2003-07-31 at 01:11, Andre Volmensky wrote:
> Hello all,
>
> I have to put forward an argument to management regarding setting up a
> firewall on some of our clients networks.
>
> What are the advantages of a linux firewall over something like Windows
> with WinR
Hello all,
I have to put forward an argument to management regarding setting up a
firewall on some of our clients networks.
What are the advantages of a linux firewall over something like Windows
with WinRoute on it, or even a hardware based firewall. What are the
disadvantages etc. I know I am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have a system with 3 nic's, i've currently got it working so it
masquerades the internal lan (with private IP-space) to the external
interface (with public-ip space). The problem is that I want the third
interface to connect to a kind of DMZ, an are
Brett Fowlkes wrote:
>
> The script is for Red Had but can I use it for Debian as well? Has anyone
> here done this and if so how did it work?
>
> Thanks,
>
> Brett
>
> --
> Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
I read:
>Your browser does not support JavaScript
>The
The script is for Red Had but can I use it for Debian as well? Has anyone
here done this and if so how did it work?
Thanks,
Brett
ems.
>
> Question: My internal mailserver is currently running on a HP-UX C3000
> which
> is behind the firewall (IP: 192.168.XXX.XXX). I need to configure my
> linux firewall to pass the SMTP transmissions to and from my server.
>
> What is the best way of doing this?
a: J
which
is behind the firewall (IP: 192.168.XXX.XXX). I need to configure my
linux firewall to pass the SMTP transmissions to and from my server.
What is the best way of doing this?
Are there any additional pitfalls I should be aware of to make my
systems as secure as possible?
Thank you for your
which
is behind the firewall (IP: 192.168.XXX.XXX). I need to configure my
linux firewall to pass the SMTP transmissions to and from my server.
What is the best way of doing this?
Are there any additional pitfalls I should be aware of to make my
systems as secure as possible?
Thank you for your
First, I want to thank everyone for their assistance, and I hope that I've
added value to the team as well.
I'm trying to figure out "ipchains", however, haven't found any
documentation upon the www.debian.org website, or two of the mirrors I have
checked to date.
Does anyone know where I might f
Hi,
I have a linux server and NT4.0 workstation clients. I use IP forwarding
for the NT clients. Realaudio, regular ftp and http connection works fine.
vxtreme does not work: It make the connection but fails to transfer the data
I get the message that I should call the system administrator to set u
69 matches
Mail list logo
