-
September 22nd, 2004, 02:32 PM
#1
Member
Fedora and Snort HW firewall
Are Fedora and Snort still my best option for a hardware firewall to protect my network?
I have a Pentium 333MHz, 384MB RAM, 8GB HDD and an Athlon 2400+, 512MB RAM and 80GB HDD.
Do speed and RAM have a significant effect on firewall/network speed?
Is there any special way to install OS? Always been told less is more?
What about physical position of Firewall, what is best?
Any advice really appreciated.
Thanks
-
September 22nd, 2004, 02:42 PM
#2
First things first. Fedora is an OS and Snort is an NIDS. Neither of them is considered a "hardware firewall". People tend to call Cisco PIX, Nokia-Checkpoint FW-1, Sonicwalls etc. hardware firewalls. Dedicated boxes with everything built in out-of-the-box.
On the other hand, you can turn this into a great firewall with intrusion detection.
Speed and RAM do have an effect on the performance.
How much bandwidth are you planning on firewalling?
As for installation of the OS, only install the bare minimum you need.
And the physical position? How about at the edge of your network?
Or did you mean in a closed (server) room?
As a side note, I have an old P90, 24MB RAM, 512MB HDD that's protecting my 4Mbit ADSL connection. Works like a charm.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
September 22nd, 2004, 02:42 PM
#3
Your hardware is probably overkill unless you have a massive amount of custom rules
and are prioritizing voice data over all other data types...My guess is you won't be.
Fedora+Snort does not a firewall make...!!
Any Linux using netfilter and snort among other configurations can be.
Why not use something like smoothwall (http://www.smoothwall.org) and get your
feet wet with it.
Physical location will depend on what your choices are...Details Details Details
I don't know about the others, but I flunked ESP in College..
-
September 22nd, 2004, 02:50 PM
#4
Member
Thanks for coming to the plate.
T1 inbound Cisco router straight through, eth0 and eth1 circuits to internet-related MS servers.
All software individual firewalls to date, just wanted to provide security umbrella and start to investigate potential security holes with some self-generated attacks.
I am off to investigate your suggested URL.
If you need more info, just let me know what it is.
Thank you.
-
September 22nd, 2004, 02:56 PM
#5
Member
Smoothwall was not responding, I kept trying and finally it came up.
If the delay is anything to go by, it doesn't look a viable proposition.
Will keep open mind and review further.
-
September 22nd, 2004, 03:01 PM
#6
Well unless you change your router config, you will need a firewall interface for each
router interface leading into your trusted network.
Placing enough NICs in your box will do the trick. More than one trusted interface will
just add a few more rules but not much complexity.
-
September 22nd, 2004, 03:01 PM
#7
Can I suggest where to place this (whatever you decide to put on) machine?
Code:
T1>---[cisco router]--[DIY Firewall/IDS]-----[Internal LAN]
                              \
                               ----DMZ----[MS webservers]
Oh, and my firewall is running on FreeBSD-4-stable with IPFilter.
Oliver's Law:
Experience is something you don't get until just after you need it.
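
Added example (not part of any post in this thread): a minimal netfilter ruleset for the three-legged layout in post #7's diagram, written as a shell function that emits `iptables-restore` input. The interface names (eth0/eth1/eth2), the 192.0.2.10 web server address, the SSH management rule and the `allows_new` audit helper are assumptions made for illustration.

```shell
#!/bin/sh
# Three-legged firewall: WAN (router side), LAN, DMZ. All names below are assumed.
WAN_IF="${WAN_IF:-eth0}"          # towards the Cisco router
LAN_IF="${LAN_IF:-eth1}"          # internal LAN
DMZ_IF="${DMZ_IF:-eth2}"          # DMZ holding the web servers
DMZ_WEB="${DMZ_WEB:-192.0.2.10}"  # constructed documentation address

# Emit the ruleset in iptables-restore format (default deny on INPUT and FORWARD).
gen_rules() {
cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -p tcp --dport 22 -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -j ACCEPT
-A FORWARD -i $LAN_IF -o $DMZ_IF -j ACCEPT
-A FORWARD -i $WAN_IF -o $DMZ_IF -d $DMZ_WEB -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -j LOG --log-prefix "fw-drop: "
COMMIT
EOF
}

# Crude audit helper: is there any FORWARD rule that accepts new traffic
# entering interface $1 and leaving interface $2? Returns 0 if yes.
allows_new() {
    gen_rules | grep -q -- "^-A FORWARD -i $1 -o $2 .*-j ACCEPT"
}

# To load on the firewall box (as root): gen_rules | iptables-restore
```

Nothing is allowed from the DMZ into the LAN or from the WAN into the LAN, so a compromised web server cannot open connections to the trusted side; the LOG rule leaves dropped packets visible next to Snort's alerts.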
-
September 22nd, 2004, 03:02 PM
#8
Member
Their IP pings at TTL=246.
But the website navigation is like waiting for paint to dry.
Is this perhaps the firewall in action?
Are you experiencing the same delays?
-
September 22nd, 2004, 03:10 PM
#9
Member
Thank you SirDice
There are only a couple of us on the trusted network.
There are MS servers on both eth circuits; does that mean two firewalls?
Network mainly consists of individual single workgroups, dns, email server, webservers, sql, couple of workstations.
-
September 22nd, 2004, 03:14 PM
#10
Member
ss2chef
Router is managed by provider of T1, it is open.
I thought I could put a FW box upstream of the router, between it and the T1 input.