Router + firewall + NIDS questions
beesond001 at hawaii.rr.com
Sun Aug 26 00:26:14 PDT 2001
Warren,
Thanks for the point out to your guide.
What you mention below is pretty much what I am interested in doing.
So, is this a two NIC + hub project, or can I run this as say a four NIC
project, one for cable modem, one for VALinux, one for the Sparc, and one
for the two wireless clients? The reason I ask this is that I think it
may be easier to limit access by routing/firewall rules if I need to do
that. For instance, I could easily firewall anything to and from eth3
from 10pm until 5pm the following day if I need to. This would leave
that connection open only when the kids would be at home and doing
homework etc.
You may also have some comments about what I wrote to Joe Paleafei via
separate reply. If so, I would be interested to hear what they are.
As I mentioned to Joe, this is a learn as I go project, so any pointers
you or anyone else offer will be greatly appreciated.
Thanks in advance for all your help,
Ben
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
On 8/25/01, 8:02:52 PM, "Warren Togami" <warren at togami.com> wrote regarding
[luau] Re: Router + firewall + NIDS questions:
> For the software setup, it sounds that you
> want IP masquerading with a more powerful ruleset, logging and monitoring
> tools than a single floppy can do alone. Using Linux kernel 2.4
> Netfilter/iptables and Snort should be all you need. Optionally you could
> use ntop or Netsaint, but that may create too much overhead on your
> firewall.
> This guide that I wrote a while back is almost exactly what you need in the
> Netfilter configuration. The latest version of MonMotha's script has some
> serious improvements and features like TCP/UDP range forwarding.
> http://www.mplug.org/phpwiki/index.php?BasicFirewallRouter
> Unfortunately, it is currently not possible to secure 802.11b wireless
> networking with built-in WEP alone. It is now fairly trivial for anyone to
> find an 802.11 network, and passively listen to packets for a few hours in
> order to derive the WEP master key with which they have full access to your
> network. They can then sniff all your traffic, hijack TCP/IP connections,
> spoof packets or use your Internet connection with ease. The only way to
> secure a wireless network is to use some sort of VPN encrypted &
> authenticated connections between the client and server. I'm working on
> free ways of doing this for many types of clients (Windows, Linux, MacOS9
> and X) for Mid-Pac, writing a paper on the subject and perhaps a toolkit,
> but it may take me a month or two.
> ----- Original Message -----
> From: beesond001 at hawaii.rr.com
> To: Linux & Unix Advocates & Users
> Sent: Saturday, August 25, 2001 7:17 PM
> Subject: [luau] Router + firewall + NIDS questions
> Aloha all,
> I would like some advice on how to do something. I would like to build a
> router + firewall + NIDS from scratch to use for my home LAN. I was thinking
> of building a box to act as a router and firewall for 1 Sparc, 1 VALinux
> box, one Mac, and one Windoze box. I envision a Linux box for this that
> should boot headless. I also want this router + firewall box to share one
> internet connection with all the others. BTW, the Mac and Windoze boxes will
> need a wireless connection (wireless 802.11???). I was also thinking of
> running Snort on the internal side of the router + firewall to monitor what
> gets past the firewall. Because of all this, I don't think that the linux
> router project will work, but the idea is mostly the same.
> What I would like to know is what does the community of experts think is:
> Thanks in advance for your help,
> Ben
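The four-NIC masquerading router with a time-gated eth3 that Ben asks about above, written out as an added example (this is not code from the thread, from Warren's guide or from MonMotha's script). The NIC assignment, the `DRYRUN` switch and the use of cron to toggle the rule are assumptions; the 17:00 to 22:00 open window is the complement of the 10pm-to-5pm block Ben describes.

```shell
#!/bin/sh
# Added example; assumed NIC layout for the four-NIC box:
#   eth0 = cable modem (outside), eth1 = VA Linux box, eth2 = Sparc,
#   eth3 = the two wireless clients.
# Set DRYRUN=1 to print the iptables commands instead of running them.
WAN=eth0
LAN_IFACES="eth1 eth2 eth3"
IPT=iptables
run() { if [ "${DRYRUN:-0}" = 1 ]; then echo "$IPT $*"; else $IPT "$@"; fi; }

# Homework window: eth3 may reach the Internet only from 17:00 up to 22:00.
# Returns 0 (true) when the given hour (0-23) is inside the window.
in_homework_window() {
    [ "$1" -ge 17 ] && [ "$1" -lt 22 ]
}

# Base policy: forwarded traffic is dropped unless explicitly allowed; each
# inside NIC may open connections toward the cable modem only, so the
# wireless segment (untrusted, given Warren's WEP remarks) cannot reach the
# wired boxes through the router; replies ride back on connection tracking.
setup_base() {
    run -P FORWARD DROP
    run -F FORWARD
    run -t nat -F POSTROUTING
    run -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    for ifc in $LAN_IFACES; do
        run -A FORWARD -i "$ifc" -o "$WAN" -m state --state NEW -j ACCEPT
    done
    run -t nat -A POSTROUTING -o "$WAN" -j MASQUERADE
}

# Curfew toggle: a DROP inserted at position 1 of FORWARD wins over the
# ACCEPT rules above; deleting it reopens eth3.
close_eth3() { run -I FORWARD 1 -i eth3 -j DROP; }
open_eth3()  { run -D FORWARD -i eth3 -j DROP 2>/dev/null || true; }

# Meant to be run from cron (e.g. hourly); pass an hour to override the clock.
# The existing curfew rule is always removed first so repeated runs never
# stack duplicate DROP rules.
apply_curfew() {
    hour=${1:-$(date +%H)}
    hour=${hour#0}                  # "08" -> "8"; "00" -> "" (defaults to 0)
    open_eth3
    in_homework_window "${hour:-0}" || close_eth3
}
```

Run `setup_base` once at boot and `apply_curfew` from cron; with `DRYRUN=1 apply_curfew 23` you can inspect the rules it would issue before giving the script root.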