|
recommendations for personal firewall?
I just want some additional security, privacy, and piece of mind. Would a simple script with iptables with dropping incoming connections be all that is required? What other options might I have?
|
you may want to check out guarddog or firestarter as GUI frontends to develop iptables structures..
personally... i really like SmoothWall. It is a customized Linux distrobution... so it needs to run on it's own box... it works great... i have been running one at home and in a corporateenvironment for a little over a year now.. not a single breach.. and the box doesn't have to be very powerful either... the one I use at home is a Pentium MMX 200 MHz with 32 MB RAM and a 3 GB HDD... All configuration is done via web-interface...definitely worth checking out if you have a spare old box somewhere... I also have been wanting to check out m0n0wall and pfSense(both based on FreeBSD) which are firewall distro's with a web interface similar to SmoothWall.. I just haven't had time, and SmoothWall works great.... otherwise... like I said.. guard dog and firestarter are good GUI's to help with your iptables implementation... |
ok, cool. So with Smooth wall, you can just do a default install on a machine plug in an ethernet cord and remote config; similar to a linksys router config? I am def gonna try firestarter, thanks.
|
yeah, except you need 2 network cards... 1 for the internet and 1 for the internal network... let me try to draw a rudimentary diagram...
Code:
{{internet}}==>[SmoothWall]==>(LAN)anyways.. yeah.. it's an easy and fast install(the ISO is only a little over 30MB) and then some basic configuration in an ncurses based system for configuring your red and green connections(red=internet, green=local network).. setting up IP's, DHCP server(if you want it to do that), etc... It's really easy... and there is a help forum on the smoothwall site.. they are fast to respond and friendly... just as they are on this site... good luck :) |
Basically most firewalls just setup iptables for you, then add a few logging options. So if you are competent with iptables I would recommend just using that.
Personally I use Shorewall for my single computer setup, as using a seperate firewall box seems overkill for my needs :) |
| All times are GMT -5. The time now is 05:55 AM. |