I downloaded a couple of (CD ISO) images of free firewalls last night - Monowall and Smoothwall - after hearing about them from the In The Trenches (System Administrators' podcast) interview with Mike Sweeney, author of Internet Security with Linux (check this and add hyperlinks!).
I'd used vanilla Linux - Debian, RedHat or Mandrake - stripped to the essentials and using iptables as the firewall - but haven't delved into more 'modern' ways of doing things - I'd seen RedWall used at a previous job but not been directly involved. I'm hoping the GUI front-ends on these things will make things a little less tedious to configure.
I want to set up a DMZ with mail, web and possibly other servers - and probably speed up DNS and do some web proxying/caching... and tighten up things a bit - especially since there are Windows machines in here - I might isolate those off onto their own network segment (and if I'm really feeling paranoid, install VPN on all the machines here)...
...oh, and I almost forgot, I want to put up Wi-Fi access for the house (and possibly for guests) without opening a can of worms.
So when I get some spare time, I'll be installing one of the above-mentioned firewalls (maybe some others if they take my fancy) and some NIC's, in a spare PC or 2 here (sidenote: 'twould be nice to shrink it to an ARM-based board to save power costs eventually) and play with configuring and securing them.
Watch this space...
No comments:
Post a Comment