Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
> Does anyone have any suggestions about what type of firewall config is the > most straight-forward and reliable for setting up multiple PC's to share a > cable internet connection ? I've found ipf on FreeBSD (and previously OpenBSD, but, well...) to be quite suitable for firewall applications. The rules are fairly easy to understand and edit once you take five minutes to learn the syntax, although it still doesn't fall into the category of "so easy my grandma could do it" if that's what you're looking for. A friend of mine wrote a fairly decent guide using an x86 machine with two network cards and OpenBSD 3.1 which can be found at http://mlowe.phpwebhosting.com/pages/openbsd.html. And of course, you'll be wanting to investigate both firewall and NAT (network address translation) solutions, which the above guide also explores. I'll also second what Derek said about the best firewall setup being one that you've designed yourself after gaining understanding of what issues might be involved. There are some basics one should follow (make sure as few services as are feasible are listening to the outside interface, go through regular log audits, and even ideally run Snort or some other IDS just in case...) but as to the specific rules, you're the only one who knows what it is you need your firewall to do. I, for example, need to have an H.323 proxy running on mine for Netmeeting calls (Silliest. Protocol. Ever.) which pokes an enormous hole in my security. You may well have similar concerns. Anyway, that's my two bits.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |