Internet use has exploded, and e-commerce has become a daily part of business and personal life. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks and the need to protect both business and personal data have never been greater.
What kinds of security threats are posed by the Internet? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. Others, like password sniffers, IP forgery, and various types of hijacking and replay attacks, are newer. And still others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, come from today's headlines.
Firewalls are a very effective way to protect your system from most Internet security threats and are a critical component of today's computer networks. Firewalls in networks keep damage on one part of the network (e.g., eavesdropping, a worm program, file damage) from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Worldwide Hacker penatrations per minute : are increasing !Linux and an old 486 or Pentium-1 can make a powerfully effective and manageable Firewall. A PPP/Slip dial-up connection and a v.90 56K modem can be added as bonus dial-up for staff members working at home. NAT or network address translation can give a new range of IP numbers to a single static or even intermittent dynamic (floating ) IP connection like an BRI or cable modem.
WebShield SolarisFrom McAfee, it's issues apply to all firewalls !
2.1.2 "ICMP redirects" and "redirect bombs"
2.1.3 "denial of service" – via ICMP-Packets
2.1.4 Normal "denial of service" - DOS
2.2.1 SMURF - Attacks
2.2.2 SMTP Session Hijacking
2.2.3 Exploiting Bugs in Applications
4.8 FTP and Masquerading
4.9 Transparenter Proxy
4.10 Log (s)
4.11 ToS -Field
4.12 Port Forwarding
4.13 Background Virus Scanning at the Router
tar –zxvf fw.tgz ( un tar ball the install file set )
cd firewall ( change to directory ‘firewall’ )
cp fw.config fw.back ( make a backup of the config file )
pico fw.config ( choose network cards )
chmod +x *.sh ( Change ‘mod’ of the shell scripts to executable )
Next put in any good 1.44 diskette in drive FD0 ("A:"), be it Blank, Not Blank, or UnFormatted as this uses dd
./bootroot.sh ( this makes a Floppy FireWall ‘BOOT’ floppy )
Next put in another good 1.44 diskettein drive FD0 ("A:"), be it Blank, Not Blank, or UnFormatted as this uses dd
./utildisk.sh ( this makes a Floppy FireWall ‘UTILITY’ floppy )These are the binary executables that can fit on the 'utildisk' floppy and supplement the internal commands of Linux ;
Editors, either vi or pico won't fit on the first 'utildisk' floppy, but could be needed to edit any config file.You can use dd to make backups with, dd if=/dev/fd0 of=backup.img bs=1k (if /dev/fd0 is your 3.5" floppy).
Linux Firewall URL Reference & BookMark List
Linux Firewall and Security Site
... Linux Firewall and Security Site Featuring Firewall LAN,
the Linux Firewall Design Tool, the Firewall itself and LAN Security FAQ
www.linux-firewall-tools.com/linux/ - 18k -Cached - Similar pages
Creating A Linux Firewall Using the TIS (Trusted Information Systems) Firewall
… Linux Journal #25- May 1996 ; Creating A Linux Firewall Using the TIS...
www2.linuxjournal.com/lj-issues/issue25/1204.html - 28k -
Trusted Information Systems Inc. (TIS) http://www.tis.com/ )
The Firewall Toolkit (FWTK)
http://www.greatcircle.com/lists/firewalls Brent Champan’s Great Circle
Debian GNU/Linux Firewall
... This page is dedicated to a Debian GNU/Linux based Firewall system.
www.weikert.de/debwall/ - 31k -
Mason - the automated Firewall builder for Linux
... Recommended; Mason is a Linux based Firewall, but none like...
...interactively builds a Firewall using Linux' ipfwadm or ipchains...
users.dhp.com/~whisper/mason/ - 20k -
F F W – The Floppy Firewall, a Linux Firewall
... Turn an old 386 or 486 into a Linux based Firewall system, sans HardDrive.
FFW - http://members1.chello.nl/~rvdoever/fwflop/
F R P – Floppy Router Project , Linux based TCP/IP Router without a HardDrive.
The F R P – Floppy Router Project, TCP/IP FRP is closely related to the FFW Floppy Firewall.
L R P ; the Linux Router Project w/ Firewall
... This page is dedicated to the Linux Router Project based Firewall system.
http://lrp.steinkuehler.net/ Linux Router Project ( Firewall & Bonus PPP dial-in )
ZDNet: Help & How-To: Linux Firewall On A 486: A Guard-Penguin
...How-To install a Linux Firewall On A 486;
www.zdnet.com/zdhelp/stories/main/0,5594,2503199,00.html - 45k –
FLOPPY FIREWALL –SYSTEM HARDWARE REQUIREMENTS 386 with 4 Meg of RAM or
486 with 8 Megs of RAM or
Pentium-1 with 16 megs of RAM
2 Network Cards – ISA ; preferably matching ( Pentium –1 could use PCI or ISA NICs )
1 Floppy Drive –
Optional – 2nd Floppy or 40 / 80 Meg HardDrive
Keyboard is Optional if CMOS RAM can be set for "NO Keyboard "
Monitor Card – Can be omitted & ignored in most 386’s and some 486’s
VGA Monitor Optional – ( Headless )
Note: Standard output can be redirected to a COM1: or COM2: , & then use an old Dumb Terminal.
PPP Router Option – One or Two 56K v.90 Modem’s configured on COM3 & COM4 if internal or
COM1: & COM2: when using external modems.
And it hurts to be cracked in the face !
16 Meg of RAM and 850 Meg, 1 gig or 1.2 gig harddrive minimum.
Partition HardDrive as follows ( re; stu & goeffrey )
Physical 1 ( hda1 ) ; /boot ; 8-10 Megabytes
Physical 2 ( hda2 ); / ( swap type 82 ) = 2xRAM or 32 Megabytes
Physical 3 ( hda3 ) ; / ( root ) = 250 Megabytes
Physical 4 ( hda4 )- contains balance of drive these extended partitions
Installing a Firewall, part #2 of article
Installing a Firewall, part #3 of article
SYSTEM HARDWARE REQUIREMENTS
Linux vs. a SUN Solaris FireWall -
Other Hardware: Access to CD-ROM drive supported by Solaris 2.6 if you intend to install the product from a CD Other Software:
- FireWall tools that come with most Linux distributions -
Phoenix Adaptive Firewall uses state inspecting firewall for network and Internet security,
The Phoenix Adaptive Firewall is the first ICSA certified firewall on linux distributions.
It uses adaptive, state-analysis firewall technology with a java based gui for secure remote administration.
http://www.stonebeat.com A leader in Secured Availability for networks and Internet security
http://www.sniffer.com Sniffer from Network Associates ( McAfee ) http://www.nai.com makers of
NetSheild for Linux ; http://www.mcafeeb2b.com and WebSheild at the NOC’s LAN Gateway http://www.mcafeeb2b.com/products/webshield-solaris/default.asp
OPEN Source Firewalls
Commercial Linux Firewalls
Linux Appliance Roundup
http://www.dilbert.com/comics/dilbert/archive The Dilbert Cartoon Archives
ASP NOC Architecture Block Diagram
ASP NOC Architecture Block Diagram