Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I want to secure my network where i don't want to invest the money on Firewall. How effectively i can secure the network using Linux.
Suggest what i have take the initial steps as i am new to linux.
You don't mention the size of network you wish to protect, how your external connectivity is delivered, or if you have any requirements such as public facing server/services. For example, many "home" ISP routers have full firewall functionality built in that can be accessed and configured from a web interface. "Business" ISP could be as simple as an NTU with an ethernet port that's pushing everything out or could also have firewall functionality.
So the basics:
1) Pick a distro (I'd recommend CentOS 7 as it's compatible with RedHat 7 and there's LOADS of tutorials available)
2) Start googling for IPTABLES tutorials
3) Implement
From past experience I prefer a physical firewall appliance.
I have a 100 users and we have a just ISP connectivity no security is applied and we do have some critical servers which have critical data recently got affected with bit coin ( Ransomware ) attack so without purchasing a firewall cant we secure our network using linux
Yes, you can totally protect your network with linux and the right hardware (basic server with multiple nics)
However, a basic linux firewall / router on it's own won't protect you against ransomware.
If you want to do that at firewall level you're going to need content examination and filtering and probably SSL inspection too. For THAT, and for a 100+ user company I'd seriously invest in an appliance that CAN do these things. Figure that even if you have to spend $2000 on one then that's $20 per machine. I'm sure your data security is worth more than $20 per machine.
If you cannot afford an appliance, you can download to image of Astaro Security Appliance and load a machine with it to build your own. If you have a problem finding that download (from SOPHOS I believe) you can check distrowatch.com for firewall distributions: some of those are VERY good.
You have a number of ways to secure the network. As noted above you could use a firewall distro like Untangle. You can run it on a dedicated machine as firewall. You can also run it under a virtual machine and have all lan systems access the vm then to wan. I like to keep lan segments discrete and separated from wan segment.
A firewall however doesn't prevent issues. Be sure to learn and use as many best practices as you can.
I'm *guessing*: you have 100 MS-WinX desktops, and the RansomeWare is *MS-Win* code (maybe arriving in emails, not a network *connection, directly*, which a basic firewall filters).
IF the 100users could run only Linux, [mostly] the MS Ransome code would do nothing!
There's probably Linux applications that can *examine* email contents (spamassassin but I don't know)
I want to secure my network where i don't want to invest the money on Firewall. How effectively i can secure the network using Linux.
Suggest what i have take the initial steps as i am new to linux.
Regards,
Shamanth
Quote:
Originally Posted by Shamu88
Hi Ten Tenths,
I have a 100 users and we have a just ISP connectivity no security is applied and we do have some critical servers which have critical data recently got affected with bit coin ( Ransomware ) attack so without purchasing a firewall cant we secure our network using linux
Regards,
Shamanth
Since this is a case in homework the shortest answer is:
Utilize one of your servers to act as proxy server imposing a bottle-neck for easier security management.
Run IPTABLES in every server, it is built-in every linux kernel, you don't have to pay anything for that.
If that does not work...
The shortest way to safety is don't connect you network to the internet.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.