Help answer threads with 0 replies.
Go Back > Blogs > Journey of a Thousand Miles
User Name


This is Xolo's journal, a record of his thousand mile journey through the world of Open Source.
Rate this Entry

Stateful Firewall/IDS/Filter/DDoS Mitigation #1

Posted 07-25-2006 at 07:23 AM by Xolo

Update #1, Tuesday Juli 25th 2006

Project state : Starting
LQ Threads : Stateful Firewall/IDS/Filter/DDoS Mitigation - What Would You Advise? in Linux - Security
Description : This project aims to replicate (where feasible) the functions of a HotBrick HSS4000 rackmount firewall unit.
Project Goals :
  • Stateful packet filtering (Deep packet inspection)
  • Denial of Service Mitigation
  • Source Network Address Translation (SNAT)
  • Source Network Address Translation (SNAT)
  • Destination Network Address Translation (DNAT)
  • Port forwarding
  • IDS Intrusion Detection and Prevention System
  • Mail/Web Filter (Bad/Junk mail, Viruses, Ads, P2P/IM traffic, etc.)
  • DNS, and possibly Mail (Storage, Retrieval, Forwarding) and Web Server
  • Support for typical protocols such as IPSEC, PPTP, L2TP, MPPE (VPN/VPN Passthrough)
  • WAN Load Balancing/Automatic Failover

Present course :

1. Hardware : A-Open MX3-S Mini ATX Mainboard, 1.3Ghz Intel Celeron, 256MB PC133 SDRAM, Maxtor 20GB HDD, broken CPU fan
2. Distribution : Undecided; Mandriva, Slackware, *BSD
3. Kernel : Undecided
4. Packages : Undecided; HLBR or Hogwash Light BR, LAk-IPS, FirstLight IPS, IPTables, Dan's Guardian, Apache 2, Squid, SpamAssassin, Postfix, Qmail, Bind, OpenSSL, OpenSSH, ..
5. Hardening : Undecided; Bastille, ..
6. Methods : Undecided; Rule-based, Automatic detections, CHRooting

Next step :

1. Replace CPU fan
2. Choose appropriate kernel
3. Choose appropriate distribution
4. Wipe, Install, Test
5. Sift through packages
6. Don't forget to document
Posted in Uncategorized
Views 1981 Comments 0
« Prev     Main     Next »


All times are GMT -5. The time now is 11:02 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration