Edmund, Do you need a public subnet from BellSouth instead of using NAT? Or maybe I am misunderstanding your intentions.
John Hebert > -----Original Message----- > From: Edmund Cramp [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 16, 2002 6:31 AM > To: [EMAIL PROTECTED] > Subject: RE: [brluglist] Firewall > > > Thanks Bruce, > > That looks like a useful list and one that I'll have to > try out - right now > I've had to put everything on hold while I deal with > BellSouth and DSLhell. > Once that is fixed my plan is to try and set up a simple > firewall/VPN - > assuming that I can get Bellsouth to give me a subnet that works. > > Just as a general FYI - I've had no problems with > dynamic IP DSL - it works > well and is fast (using an Alcatel DSL modem and a Netgear > DSL/router) - > however the Bellsouth solution for an IP subnet seems to be > supported only > if you use a Cayman DSL/router with all the routing features > disabled... > > -- > Edmund Cramp > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Behalf Of Bruce Kives > Sent: Tuesday, January 15, 2002 11:55 PM > To: [EMAIL PROTECTED] > Subject: [brluglist] Firewall > > > Edmund, > > I new to to BRLUG, but I've recently upgraded my single floppy Linux > firewall, > so I can give you a quick run down on what's currently > available. There are > some CD-ROM based firewalls that use a floppy to store > configurations, but I > haven't tried any of them. I don't have a 486 or early > Pentium machine that > can boot off a CD-ROM. I also haven't tried FreeSCO. > > Once the floppy is built, all of these routers can be easily > modified just > by > logging in and follow the menu to edit the appropriate file. > The reason for > this is that they all started in the same place. The father > of the floppy > router is LRP - Linux Router Project. You can create the boot > floppy in > Linux, > or download a pre-built floppy 'idiot image' in Windows and > write it to the > floppy using rawrite. You then boot off of it and configure > it the way you > want. LRP is more more powerful in that you can add more > programs, but you > have to know how you want your firewall rules set up. > > Coyote Linux is basically LRP with a few additions and a > ready to go set of > firewall rules. It also has the best installer of them all. You can > configure > and create the floppy from either Linux or Windows. And > setting it up was > just > simple. I had to modify the rules to get VPN to work, but > other than that, > it > was easy. When doing a scan of the firewall using GRC's > Shields Up port > scan, > all ports were closed. > > Frazier Firewall is an off-shoot of Coyote Linux. It has two > strong features > going for it. The first is a built in web server so that you > can see the > status of your firewall, and a log of who is scanning the > firewall; all from > your web browser. You can even have this log emailed to you daily. The > second > feature is a much better set of pre-built firewall rules. I > didn't need to > change anything. On the Shields Up port scan, one port showed > up as closed. > All the rest were in stealth mode. Closed means that and > outside computer > can > see the port, but can't access the port. Stealth means that an outside > computer could not even see the port. > Frazier has a few minor problems. It uses an earlier version > of the Coyote > installer, and CAN NOT be created in Windows. You have to use the > 192.168.128.0-255 range of addresses for the internal LAN. If you have > problems getting Frazier to work, create a Coyote Linux > floppy and see how > the > modules file is set up, then set up Frazier the same. And I > still can't get > the DHCP server to work, so I just use static IP addresses. But it's > increased > security and ease of use once set up make it my personal choice. > > LRP: http://master-www.linuxrouter.org:8080/ > Coyote Linux: http://www.coyotelinux.com/ > Frazier Firewall: http://www.frazierwall.com/ > Shields Up: http://grc.com/default.htm > > -Bruce Kives > > > > ____________________________________________________________________ > Get free e-mail and a permanent address at http://www.amexmail.com/?A=1 ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
