This is Xolo's journal, a record of his thousand mile journey through the world of Open Source.
Stateful Firewall/IDS/Filter/DDoS Mitigation #1
Posted 07-25-2006 at 06:23 AM by Xolo
Update #1, Tuesday July 25th 2006
Project state : Starting
LQ Threads : Stateful Firewall/IDS/Filter/DDoS Mitigation - What Would You Advise? in Linux - Security
Description : This project aims to replicate (where feasible) the functions of a HotBrick HSS4000 rackmount firewall unit.
Project Goals :
- Stateful packet filtering (Deep packet inspection)
- Denial of Service Mitigation
- Source Network Address Translation (SNAT)
- Destination Network Address Translation (DNAT)
- Port forwarding
- IDS – Intrusion Detection and Prevention System
- Mail/Web Filter (Bad/Junk mail, Viruses, Ads, P2P/IM traffic, etc.)
- DNS, and possibly Mail (Storage, Retrieval, Forwarding) and Web Server
- Support for typical protocols such as IPSEC, PPTP, L2TP, MPPE (VPN/VPN Passthrough)
- WAN Load Balancing/Automatic Failover
Present course :
1. Hardware : A-Open MX3-S Mini ATX Mainboard, 1.3GHz Intel Celeron, 256MB PC133 SDRAM, Maxtor 20GB HDD, broken CPU fan
2. Distribution : Undecided; Mandriva, Slackware, *BSD
3. Kernel : Undecided
4. Packages : Undecided; HLBR or Hogwash Light BR, LAk-IPS, FirstLight IPS, IPTables, DansGuardian, Apache 2, Squid, SpamAssassin, Postfix, Qmail, Bind, OpenSSL, OpenSSH, ..
5. Hardening : Undecided; Bastille, ..
6. Methods : Undecided; Rule-based, Automatic detection, chrooting
Next step :
1. Replace CPU fan
2. Choose appropriate kernel
3. Choose appropriate distribution
4. Wipe, Install, Test
5. Sift through packages
6. Don't forget to document