I think the SQUID for Windows is going to solve my problem with filtering.
Thanks Gill -----Original Message----- From: YashPal Singh [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 16, 2003 12:29 PM To: '[EMAIL PROTECTED]'; Hankes, Christopher A; Clinton McGuire; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Making a W2K with Internet Connection Sharing secure 1. To setup if you want to block URL then you have to use Proxy server bcoz i have worked with ipfw on freebsd and we cant block URLs using ipfw firewalls. By blocking ips you can block URLs indirectly but you have to put a lot of ips. If URL blocking is your concern then user proxy server. Squid is also available for Windows and its Free. 2. But if you want to be little more secure than use Linux, FreeBSD or any other Unix OS whichever you prefer. Also there is lot of documentation available for these OSes and you can setup firewall/Nating/proxy by putting some efforts. Most of the tools are opensource for Unices and you can download and start playing with them. You will learn a lot and will love to work on Unix. Thanks, Yash -----Original Message----- From: Sarbjit Singh Gill [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 14, 2003 12:41 AM To: Hankes, Christopher A; Clinton McGuire; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Making a W2K with Internet Connection Sharing secure I am afraid Linux has to be the last choice since Microsoft has been out biggest "donator". We have had so much money, software and support (their employees truly helping out with the kids). I cannot replace the W2K server with Linux. I may get old PCs and put it in front of the W2K Server. So far i do not hear a lot of PPPoE support for this type Linux. I am new to Linux and i am not sure if i can do it.? And besides enabling RRAS, i will go with pktfilter, which was recommended by Dave Kleiman. RRAS is great but i do not need the RRAS feature. pktfilter gives me just what i need, filtering. Thanks for responses. Gill -----Original Message----- From: Hankes, Christopher A [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 14, 2003 1:52 AM To: Clinton McGuire; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Making a W2K with Internet Connection Sharing secure coyote linux is good an free. It uses ipchains as it's firewall.I know you can block Ips but i'm not sure about URLs. Coyote linux was their help at this site www.dalantech.com. This site also has a lot of good info on security in general. Chris -----Original Message----- From: Clinton McGuire [mailto:[EMAIL PROTECTED]] Sent: Sat 1/11/2003 3:59 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: Subject: RE: Making a W2K with Internet Connection Sharing secure If you are going to use a low end comp to run a linux firewall check-out http://www.coyotelinux.com/ Linux on a floppy and its build for firewalls and other network appliances, also has great support, but I don't know if it has URL filtering... Clint -----Original Message----- From: Mike Moore [mailto:[EMAIL PROTECTED]] Sent: January 9, 2003 7:04 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Making a W2K with Internet Connection Sharing secure If you can come up with a very low end pc take a look at www.ipcop.org . It's a free Linux firewall that is very good in my opinion. They have a great mailing list for support. Then go here http://www.ipcop.org/cgi-bin/twiki/view/IPCop/IPCopDGHowto for Dan's Guardian a URL filtering application that works with IPCop. Then the W2K server and all workstations are protected. Just a thought. Mike > -----Original Message----- > From: Sarbjit Singh Gill [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, January 07, 2003 10:06 PM > To: [EMAIL PROTECTED] > Subject: Making a W2K with Internet Connection Sharing secure > > > Greetings, > > I am a part of a group of volunnteers who help with > teaching underprivileged kids in orphanages. > > we had some donation of softwares from Microsoft and > hardware from HP and DSL connectivity from a local > telco. > > The setup looks something like this : > DSL modem connected to a multi homed Windows 2000 > Server. The W2K box is then sharing the ADSL > connection via Internet Connection Sharing to the LAN > made up of 10-25 PC running W98,WME and W2K Pro. > > I need somekind of proxy/NAT/firewalling and URL > filtering capabilities on the W2K. They have to be > free. We are sourcing for some netscreen stuff but do > not know when it will come in. > > I can't use IP filtering in W2k as it affects all > adapters. The LAN PCs use the server as a DC for > policies and authentication. > > Right now the W2K server is connected to the internet > with no security whatsoever. > > Thanks in advance. > > Gill > > > Sarbjit Singh Gill > [EMAIL PROTECTED] > > Powered by Gee! - Wireless Access Anywhere > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.438 / Virus Database: 246 - Release Date: 1/7/2003