LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-12-2002, 07:37 AM   #1
kobe
Member
 
Registered: Jun 2002
Location: Australia
Distribution: RH 7.3 & Debian (Woody)
Posts: 30

Rep: Reputation: 15
Network admin questions!


Just a few questions for yas....keep in mind i am still learning lots of this stuff!!


1) I have a firewall operational, i wish to know what sites and stuff the internal LAN machines access, how do i do this? is it thru logs? if so where!

2)are there any good tools for monitoring network traffic(mainly to eliminate and detect porn usage)

3)how can i quickly and easily block a internal LAN machine from internet sites and access?

4)Any good documents/sites for newbie network adminstration for network traffic etc???


cheers for ur help
 
Old 08-12-2002, 08:50 AM   #2
hanzerik
Member
 
Registered: Jan 2002
Location: Cheyenne Wyoming
Distribution: Debian
Posts: 717

Rep: Reputation: 32
I dont use a linux box for my firewall but I have looked into it, here are some links I've come accross that may help you:

http://www.linuxsecurity.com/docs/colsfaq.html#2.1
http://www.netfilter.org/documentati...ilter-faq.html
http://www.linuxdoc.org/HOWTO/Firewall-HOWTO.html
http://www.samag.com/documents/s=182...201d/0201d.htm
http://www.netfilter.org/
http://logi.cc/linux/athome-firewall.php3
http://security.ittoolbox.com/
http://www.cert.org/tech_tips/
http://www.insecure.org/reading.html
http://www.interhack.net/pubs/fwfaq/
http://www.linux-firewall-tools.com/linux/
http://www.linuxdoc.org/HOWTO/Firewall-HOWTO.html
http://www.linuxdoc.org/HOWTO/Security-HOWTO.html
http://www.linuxsecurity.com/docs/
http://www.interhack.net/pubs/fwfaq/
http://www.linuxvoodoo.com/howto/ipt...-tutorial.html
http://www.tek-tips.com/gviewthread..../54/qid/140811
http://www.linux-firewall-tools.com/linux/
http://netfilter.filewatcher.org/ipchains/
http://netfilter.samba.org/ipchains/HOWTO.html
http://www.linuxguruz.org/iptables/
http://www.netfilter.org/documentation/index.html#HOWTO

Sorry for all the links, I just went threw my bookmarks and put the ones that related to firewall stuff.

Maybe I will look into it again, I have a spare box that I use for a samba server. But I dont really want to put that box on the net.
 
Old 08-12-2002, 12:38 PM   #3
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 47
One of the most "efficient" ways to control/monitor client traffic to the internet is to use a Proxy Server.
This is a server which takes client requests and passes them to the outside world. You can choose to cache requests to help speed, or apply ACL Access Control Lists to tailor external access.

If you primarily want to do http control, I suggest you start at http://www.dansguardian.org for their content filter, which talks to a Proxy Server, Squid for example, then add different proxies for SOCKS, ftp, email etc.
Be ready for a quick learning curve...
Regards,
Peter.
 
Old 08-12-2002, 05:56 PM   #4
amp2000
Member
 
Registered: Oct 2001
Location: Dublin, Ireland
Distribution: Mandrake 9.0 mostly!
Posts: 303

Rep: Reputation: 30
It definitely sounds like you need a proxy server as previously mentioned, I'd start with Squid http://www.squid-cache.org/
 
Old 08-13-2002, 03:12 AM   #5
kobe
Member
 
Registered: Jun 2002
Location: Australia
Distribution: RH 7.3 & Debian (Woody)
Posts: 30

Original Poster
Rep: Reputation: 15
ok...forgive my ignorance....

now a proxy server basically takes requests from internal LAN machines and then (if necessary) passes them onto the internet (modem)? right!...

i use a firewall script which is started when ppp0 is initialized, which does all the ip masq stuff using iptables....

how does the firewall fit into with the proxy server..??


cheers for those links fellas...

and yes i am aware i am in for a STEEP learning curve..lol....but sometimes its best to jump in the deep end!!!

thanks...
 
Old 08-13-2002, 03:26 AM   #6
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 47
The firewall scripts allow you to look deeper at the TCP/IP & UDP protocols, send packets to different destinations, block crap, LOG activity, and be a gateway device.

For "content" type logging and filtering, proxy servers are the go.
Regards,
Peter.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux for Network Admin [LAG] Evo Linux - Newbie 1 11-08-2005 01:40 PM
Network Admin PDD Linux - Networking 7 10-19-2004 12:14 PM
Remote admin questions... Irving Linux - Networking 7 06-22-2004 09:52 AM
Admin network software fanicate Linux - Software 1 01-27-2004 04:14 PM
i want to be network admin...... joesbox Linux - Security 14 10-19-2003 10:27 PM


All times are GMT -5. The time now is 03:37 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration