Hi, Am working for a School all of our 37 computers are already connected on a network and has internet connection. Our problem is we currently dont have a server to control the network, everything was connected directly on the hub and the internet this is possible because we were given live IP's. Everything is actually working well and connection is very fast, our problem is most of our computers are prone to viruses and hacking and most of the students can basically visit any site they want.

This is my Plan:

We have 37 Computers...
13 For School Staff
22 For the Labs
2 was set aside to act as servers

Specs :

PIII Coppermine 833MHZ (Staff and Labs)
PIII Coppermine 1GHZ (Servers)
40GB HD
128MB RAM (for Staff and labs)
512MB RAM (for Servers)
BASIC CNET NIC CARD 10/100

What i plan to do is For the School Staff Only Email is unlimited access and Web Browsing will be limited to Breaktime only, No access for IM's and IRC's.

For the Labs, through the Internet Server (Proxy or NAT) can be turned on or off easily depending on the need of the class. To maximize educational Instructions led by the Instructor.

For the 2 servers, one is for file server and the other is for internet connection.

I plan to use LINUX, Either Redhat 9 or Fedora Project since we dont have the budget for enterprise level Oses...

I need some suggestions on how to implement all of these, and if there are errors with my plans.

I'm quite new with LINUX currently trying out RedHat 9 and Fedora. I tried squid, APACHE, SAMBA, NFS and other default services and doing well with it i think. I'm not network / LINUX guru yet, but am working my way hopefully you can help me with this.. Thanks!

Personally, I'd suggest Slackware, but that's a matter of personal taste, and I don't want to start a flame war .

Your setup sounds like a good idea - basically, you should manage everything through the proxy server, which goes out to the internet. That way, everything can be set up on the proxy server [I would suggest squid].

Just one question, though. Why is it necessary to restrict staff access to only breaktime? Surely if they have, say, a lesson when they're not teaching, the internet access could be useful [eg for preparing lessons].

As for other suggestions, I'm not quite sure what you want. If you ask more specific questions [eg what software for this], then I'm sure people will be more than happy to oblige you.

Hope this helps

About config concerning time restrictions, maybe groups or bandwidth restrictions... I suggest you to try QoS mechanisms. As it seems that you have high rate a HTB algorithm would be better than a CBQ one. And also don't forget to secure (a minimum at least) your internet server connection with tools like iptables.
And if you want a maximum security (I don't know, if it's really maximum but it's very good), try IPCOP for your internet connection server.

hi kbrian38, may i know for what school you implementing this network system?

I don't want to start a flame war about dietros, either, but I would suggest:

• You don't want to use a distro that no longer gets security patches, because that means that there are known ways of cracking your servers/workstations.
• for the servers, you don't want to be rebuilding every, eg, six months, or so, so you want to choose a distribution that has a longer supportability horizon than that.

If you look at distros such as Centos (essentially RHEL without the cosmetic proprietary bits), Debian, Ubuntu (LTS versions only), Slackware you'll find that you can get a decent period of fixes without paying for the big-bucks distros.

I think this thread died 3 years ago. Just sayin

...good point....wish I had noticed the original post date, rather than just the date of the previous post

Wow. 7 Years ago!

He's probably graduated by now.