Hi John,
Yes - I have two DNS servers and a mail service that need static IP
addresses. BellSouth have a very odd way of doing static IP... which
basically doesn't look like it's going to work for us.
Edi
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of John Hebert
Sent: Wednesday, January 16, 2002 9:34 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [brluglist] Firewall
Edmund,
Do you need a public subnet from BellSouth instead of using NAT? Or maybe I
am misunderstanding your intentions.
John Hebert
> -----Original Message-----
> From: Edmund Cramp [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, January 16, 2002 6:31 AM
> To: [EMAIL PROTECTED]
> Subject: RE: [brluglist] Firewall
>
>
> Thanks Bruce,
>
> That looks like a useful list and one that I'll have to
> try out - right now
> I've had to put everything on hold while I deal with
> BellSouth and DSLhell.
> Once that is fixed my plan is to try and set up a simple
> firewall/VPN -
> assuming that I can get Bellsouth to give me a subnet that works.
>
> Just as a general FYI - I've had no problems with
> dynamic IP DSL - it works
> well and is fast (using an Alcatel DSL modem and a Netgear
> DSL/router) -
> however the Bellsouth solution for an IP subnet seems to be
> supported only
> if you use a Cayman DSL/router with all the routing features
> disabled...
>
> --
> Edmund Cramp
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Behalf Of Bruce Kives
> Sent: Tuesday, January 15, 2002 11:55 PM
> To: [EMAIL PROTECTED]
> Subject: [brluglist] Firewall
>
>
> Edmund,
>
> I new to to BRLUG, but I've recently upgraded my single floppy Linux
> firewall,
> so I can give you a quick run down on what's currently
> available. There are
> some CD-ROM based firewalls that use a floppy to store
> configurations, but I
> haven't tried any of them. I don't have a 486 or early
> Pentium machine that
> can boot off a CD-ROM. I also haven't tried FreeSCO.
>
> Once the floppy is built, all of these routers can be easily
> modified just
> by
> logging in and follow the menu to edit the appropriate file.
> The reason for
> this is that they all started in the same place. The father
> of the floppy
> router is LRP - Linux Router Project. You can create the boot
> floppy in
> Linux,
> or download a pre-built floppy 'idiot image' in Windows and
> write it to the
> floppy using rawrite. You then boot off of it and configure
> it the way you
> want. LRP is more more powerful in that you can add more
> programs, but you
> have to know how you want your firewall rules set up.
>
> Coyote Linux is basically LRP with a few additions and a
> ready to go set of
> firewall rules. It also has the best installer of them all. You can
> configure
> and create the floppy from either Linux or Windows. And
> setting it up was
> just
> simple. I had to modify the rules to get VPN to work, but
> other than that,
> it
> was easy. When doing a scan of the firewall using GRC's
> Shields Up port
> scan,
> all ports were closed.
>
> Frazier Firewall is an off-shoot of Coyote Linux. It has two
> strong features
> going for it. The first is a built in web server so that you
> can see the
> status of your firewall, and a log of who is scanning the
> firewall; all from
> your web browser. You can even have this log emailed to you daily. The
> second
> feature is a much better set of pre-built firewall rules. I
> didn't need to
> change anything. On the Shields Up port scan, one port showed
> up as closed.
> All the rest were in stealth mode. Closed means that and
> outside computer
> can
> see the port, but can't access the port. Stealth means that an outside
> computer could not even see the port.
> Frazier has a few minor problems. It uses an earlier version
> of the Coyote
> installer, and CAN NOT be created in Windows. You have to use the
> 192.168.128.0-255 range of addresses for the internal LAN. If you have
> problems getting Frazier to work, create a Coyote Linux
> floppy and see how
> the
> modules file is set up, then set up Frazier the same. And I
> still can't get
> the DHCP server to work, so I just use static IP addresses. But it's
> increased
> security and ease of use once set up make it my personal choice.
>
> LRP: http://master-www.linuxrouter.org:8080/
> Coyote Linux: http://www.coyotelinux.com/
> Frazier Firewall: http://www.frazierwall.com/
> Shields Up: http://grc.com/default.htm
>
> -Bruce Kives
>
>
>
> ____________________________________________________________________
> Get free e-mail and a permanent address at
http://www.amexmail.com/?A=1
================================================
BRLUG - The Baton Rouge Linux User Group
Visit http://www.brlug.net for more information.
Send email to [EMAIL PROTECTED] to change
your subscription information.
================================================
================================================
BRLUG - The Baton Rouge Linux User Group
Visit http://www.brlug.net for more information.
Send email to [EMAIL PROTECTED] to change
your subscription information.
================================================
================================================
BRLUG - The Baton Rouge Linux User Group
Visit http://www.brlug.net for more information.
Send email to [EMAIL PROTECTED] to change
your subscription information.
================================================
================================================
BRLUG - The Baton Rouge Linux User Group
Visit http://www.brlug.net for more information.
Send email to [EMAIL PROTECTED] to change
your subscription information.
================================================
