06-20-2003, 11:29 AM
|
#1
|
Member
Registered: Jun 2003
Posts: 86
|
Starting from the beginning
OK... well first I want to say thanks to everyone that has helped me so far.
Now I just finished getting our RH9 server up and running. Now I get to move on to what I have wanted to do for a while: SECURITY.
Let me start by saying that I am a self-taught IT person. Everything I know I learned on demand because we needed to do something or because something happened. I cover a wide range from running cables, Mac support, NT server, Linux server, PHP/MySQL-based web development and so on. I know a little about a whole lot of subjects but don't know a whole lot about anything. I am very logical and have found so far that there is nothing I can't figure out. Maybe it takes a bottle of Excedrin but I can do it.
So... here is what we have.
T1 - Gateway
RH 9 - serves mail (sendmail), web (apache), FTP (vsftp), DNS (bind), and SSH.
NT4 server - file sharing and Windows domain controller.
Win2K workstations (about 30)
Mac OS 9 workstations (5)
Everyone right now is on static IPs.
My goal. Stop all traffic from getting anywhere unless I want it to. Nothing in or out without my permission. Total Virus protection.
What I am wondering is what is my best option. Server/workstation-based firewall and virus scan? OR firewall appliance right after the T1 router?
I know I can get ZoneAlarm (a great firewall app) for all the workstations but I want to manage the rules centrally.
Norton Antivirus for the workstations sure... but I would rather have sendmail scan all the mail... or procmail actually I guess (right?).
I have seen Unspawn's post and would love to read all the links he has... but the reality is... I am in a programming crunch, have no time to work on this, so I make time, and need to have a plan by early next week. If I can get some direction I will start reading and learn what I need to. That is how I have to work so I am used to it.
One thing I would like to avoid is using NAT. Reconfiguring everyone's machine would be a pain? I know the theory of it but not sure how they work. Anyway, DHCP would be an adequate option for me I guess... Just some random thoughts anyway...
The nice thing is that at this point I have the chance to start off doing it right rather than hacking in fixes later on.
Thanks in advance to everyone.
|
|
|
06-25-2003, 03:07 PM
|
#2
|
Member
Registered: Feb 2002
Location: Fairfax, VA
Distribution: RedHat 8, Mandrake9.1, Slack9
Posts: 456
|
You don't want to use NAT, but you want to manage the rules centrally! You have static IPs for the clients, but you are thinking about DHCP!
The best way to do this would be to put a machine with Smoothwall after the T1 link and before the internal network. Read the Smoothwall documents and you will get a very good idea.
|
|
|
06-26-2003, 12:52 PM
|
#3
|
Member
Registered: May 2002
Location: AK - The last frontier.
Distribution: Red Hat 8.0, Slackware 8.1, Knoppix 3.7, Lunar 1.3, Sorcerer
Posts: 771
|
I second the Smoothwall recommendation. I have never used it personally, but from my Linux sysadmin friends, I do hear very good things about it.
manthram, did you mean www.smoothwall.org?
|
|
|
06-27-2003, 12:05 PM
|
#4
|
LQ Newbie
Registered: Jun 2003
Location: Toronto
Posts: 27
|
Quote:
Originally posted by manthram
You don't want to use NAT, but you want to manage the rules centrally! You have static IPs for the clients, but you are thinking about DHCP!
The best way to do this would be to put a machine with Smoothwall after the T1 link and before the internal network. Read the Smoothwall documents and you will get a very good idea.
|
On a similar note, put AntiVir mail gate on the same box and that will solve your sendmail problem.
|
|
|
All times are GMT -5.