Alright ladies and gents. I got a new place (moved out) and we plan on networking all of our machines, setting them up with cable broadband and I plan on giving ourselves a nice firewall machine.
I can get my hands on a lot of free stuff but the newest i could snag is pent 3 stuff. I want to build a small efficient machine perhaps running linux and make it our firewall. What do you recommend? Would it be safe to just grab a pent 2 and set some stuff up software wise... what would you do? With limited resources
Setting up a firewall
-
RandomThug
- Posts: 2795
- Joined: Thu Jun 20, 2002 11:00 am
- Location: Nowheresville
- Contact:
Setting up a firewall
Jackie Treehorn: People forget the brain is the biggest sex organ.
The Dude: On you maybe.
The Dude: On you maybe.
-
HighLordDave
- Posts: 4062
- Joined: Sun Jan 14, 2001 11:00 pm
- Location: Between Middle-Earth and the Galaxy Far, Far Away
- Contact:
How much security do you need?
I have three machines set up behind a Netgear router with ZoneAlarm installed on each one. I haven't had any issues (that I know of) related to security or illicit hacking. Unless you are fending off active assaults on your network, a router coupled with a commercially-available firewall program should be more than sufficient for your needs.
I recommend ZoneAlarm because it's free, has low system overhead and it seems to do its job very well. Did I mention that it's free? Other products that computer magazines seem to recommend are Norton Internet Security and Black Ice Defender.
I have three machines set up behind a Netgear router with ZoneAlarm installed on each one. I haven't had any issues (that I know of) related to security or illicit hacking. Unless you are fending off active assaults on your network, a router coupled with a commercially-available firewall program should be more than sufficient for your needs.
I recommend ZoneAlarm because it's free, has low system overhead and it seems to do its job very well. Did I mention that it's free? Other products that computer magazines seem to recommend are Norton Internet Security and Black Ice Defender.
Jesus saves! And takes half damage!
If brute force doesn't work, you're not using enough.
If brute force doesn't work, you're not using enough.
-
Mr Flibble
- Posts: 1806
- Joined: Sun Jun 17, 2001 10:00 pm
- Location: New Zealand
- Contact:
I'm using ZoneAlarm and it works wonders. I've found it logs a lot more information than BlackIce or Norton Internet Security too. One tip: Make sure you enter your local network IP range into the trusted sites option, or you won't be able to see other machines on the network.
There are 10 types of people in the world - those who understand binary and those who don't.
I think I think, therefore I might be.
I think I think, therefore I might be.
-
HighLordDave
- Posts: 4062
- Joined: Sun Jan 14, 2001 11:00 pm
- Location: Between Middle-Earth and the Galaxy Far, Far Away
- Contact:
As I said before, I think you will find most commercial firewalls will prove more than adequate for home and personal use.
In truth, most security breaches are the result of a user downloading and installing spyware or getting a trojan horse virus that compromises security rather than an attack from an outside source. In the grand scheme of things, your home network is small potatoes and generally will not be the target of a malicious hacker. They are more likely to go after corporate networks and websites that conduct business where hackers can make money or go joyriding.
As an end user, you have to be careful that you are not installing programs that are loaded up with spyware, or no matter what firewall you are using, you will be enabling a security breach instead of being the passing victim of an internet attack.
The three programs that I can think of that are loaded up with spyware and exhibit the characteristics of a virus are AOL, Gator and KaZaa (plus other file-sharing utilities; they are bundled with stuff that monitors what you are doing). You should be very careful before you install any of these programs because they are inviting a security breach on your machine and on your network.
In truth, most security breaches are the result of a user downloading and installing spyware or getting a trojan horse virus that compromises security rather than an attack from an outside source. In the grand scheme of things, your home network is small potatoes and generally will not be the target of a malicious hacker. They are more likely to go after corporate networks and websites that conduct business where hackers can make money or go joyriding.
As an end user, you have to be careful that you are not installing programs that are loaded up with spyware, or no matter what firewall you are using, you will be enabling a security breach instead of being the passing victim of an internet attack.
The three programs that I can think of that are loaded up with spyware and exhibit the characteristics of a virus are AOL, Gator and KaZaa (plus other file-sharing utilities; they are bundled with stuff that monitors what you are doing). You should be very careful before you install any of these programs because they are inviting a security breach on your machine and on your network.
Jesus saves! And takes half damage!
If brute force doesn't work, you're not using enough.
If brute force doesn't work, you're not using enough.
-
HighLordDave
- Posts: 4062
- Joined: Sun Jan 14, 2001 11:00 pm
- Location: Between Middle-Earth and the Galaxy Far, Far Away
- Contact:
@KidD01:
I have a Netgear RP114 router and it has a network address translation firewall built in to it, as does the comparable Linksys router I looked at (I forget the model number but it's also a very good router, by the way; I only went with the Netgear because they had the lower price at Circuit City on the day I bought it).
I believe you are correct to say that almost all of the major name brand name (Netgear, Linksys, D-Link, Belkin, Siemens, etc.) routers on the market come with a firewall you can activate when you program the router. Go here to see PC Magazine's Editor's Choice awards for broadband routers.
I have a Netgear RP114 router and it has a network address translation firewall built in to it, as does the comparable Linksys router I looked at (I forget the model number but it's also a very good router, by the way; I only went with the Netgear because they had the lower price at Circuit City on the day I bought it).
I believe you are correct to say that almost all of the major name brand name (Netgear, Linksys, D-Link, Belkin, Siemens, etc.) routers on the market come with a firewall you can activate when you program the router. Go here to see PC Magazine's Editor's Choice awards for broadband routers.
Jesus saves! And takes half damage!
If brute force doesn't work, you're not using enough.
If brute force doesn't work, you're not using enough.
-
Mr Flibble
- Posts: 1806
- Joined: Sun Jun 17, 2001 10:00 pm
- Location: New Zealand
- Contact:
If you're serious about security on a home DSL line you might want to try and get hold of an Allied Telesyn AR240e as it includes a full stateful inspection firewall.
I've installed several of these for customers and they are very easy to set up. It's a bit more expensive than most DSL modems, but if you're concerned about security then definitely worth a few extra bucks.
I've installed several of these for customers and they are very easy to set up. It's a bit more expensive than most DSL modems, but if you're concerned about security then definitely worth a few extra bucks.
There are 10 types of people in the world - those who understand binary and those who don't.
I think I think, therefore I might be.
I think I think, therefore I might be.