October 14th, 2001, 07:53 PM
Setting up a stand alone box as a firewall
I am new to antionline. I would like to get some advice from some of the 'pros' out there. I have two functional boxes and am connected to the internet by way of a cable modem with both boxes. What I would like to do is set up one of the boxes as a standalone firewall. I would like to connect to the internet through this box so that any possible hackers cannot access my main box. I have options of several different OS's, including Novell 5.0, W2K Pro and Server, and Linux (either RedHat 7.0 or Mandrake 7.1) for use on this firewall box. I am also utilizing BlackIce defender currently on both boxes.
The box that I will be using to do this has a celeron 633, w/256 mb ram. The main box that I am using is configured with Win98SE, 1 G Athlon-C, 512 mb ram. Both have 15 GB hard drives.
Any suggestions on what to use and how to configure this would be greatly appreciated.
October 15th, 2001, 01:17 AM
The Linux Router Project is very sweet. All it needs is a floppy and it does everything you want it to do. http://www.linuxrouter.org/
Also there is another floppy distribution with the 2.4 kernel and a web interface to set up the config file. I've never tried that, but it looks very promising: http://www.bbiagent.net/
If you want to set things up like Snort or webpages, etc. then just install RedHat and grab one of many programs to help you set up ipchains like ipmenu: http://users.pandora.be/stes/ipmenu.html
If you go the way of the floppy install, definately go grab an old pentium from a garage sale or elsewhere - the Celeron 633 would be a waste to just be a firewall.
\"If you torture the data enough, it will confess.\" --Ronald Coase
October 15th, 2001, 10:13 AM
Re: Setting up a stand alone box as a firewall
If you want a robust one, maybe you can have a look at openBSD, it's really strong, a well secure. Even when out of the box.
Link : http://Www.openbsd.org/
Any question later will be answered (concerning most probably IPF or PF)
October 16th, 2001, 02:15 PM
hey there...my two cents
you have an idea that I am wanting to work as well...so please tell me how everything works out k? First off, if you wanna a standalone firebox...who needs that much space...throw in a two gig (if ya can find one) save the other monster for some other time...throw in debian or slackware...junk the madflake and redcrap...on the other one since you have plenty of space partiton the harddrive for two os's use kermit to connect with the quasi-server/firewall box and use *program that connects windows and linux* (sorry I can't remember off the top of my head) if you use linux on both...as I suggested...my two cents would be to use the one as a plain terminal...the same goes for the firewall...just a terminal with minimal services and ports listening...but that's just my two cents and should in no way be thought of a concise way to do things...it is my own opinion on how I would like to set up my lan...but whatever...tell me what you eventually do and how it works out...maybe I'll set it up lthe way you do...hope you come to enjoy antionline as I have...it's the coolest channel out there!!! JP rules!
You can kiss my 127.0.0.1
I\'m a loser baby...so why doncha kill me?
October 17th, 2001, 05:42 PM
Just out of the blue.. no uhm, rhyme or reason, but if it's "standalone" there would be nothing connected to it, therefore, would not need to be a firewall..
Jason Parker - http://www.o-negative.net
o-Negative: Information Network
October 19th, 2001, 04:50 AM
If by "stand alone" you mean a dedicated firewall, that is, a system that will be used for nothing else, I think you are wasting a lot of computing power. The LRP mentioned by Ivan37 will work on a 486 with 16MB of RAM. I'm running it on a P75 with 64MB that I got free. One that I haven't tried yet but looks good can be found at http://leaf.sourceforge.net/pub/oxygen/ .
All I want is a warm bed, and a kind word, and unlimited power.