Re: Security/Firewall question

[BIll Phillips <bhp () arizona edu>]

Or even

http://www.astaro.com/

=)

Morton B. Maser wrote:

> I had a similar situation, but rather than using openBSD found Astero
> (http://www.astero.com).  The firewall runs on a hardened Linux kernel, and
> you can add Kapersky AV is so desired for a nominal sum (or free, if you
> participate actively in Astero's power users forum.)  The firewall can be
> downloaded free for personal use:  a few of the features available on the
> paid license aren't on the free version, but I don't think you'll find
> anything you need that's missing (judging from your description).  The one
> caveat is that the Astero firewall does require a standalone box to box;
> minimum hardware requirements are a 400 MHz processor and 128 MB Ram (I used
> an old original Celeron box, and it works fine).
>
> M
> ----- Original Message ----- 
> From: "Gregg" <gbtech () citlink net>
> To: <security-basics () securityfocus com>
> Sent: Tuesday, July 29, 2003 1:40 AM
> Subject: Security/Firewall question
>
>
>  
>
> > Hi everyone!
> >
> > I'm still pretty new to security and firewalls and such, and I'm having a
> > problem wrapping my head around a couple of concepts. Here's what I have-
> > I have a stand alone email server behind an Adsl router (with 4prt hub).
> > The router is set to pass-thru (nat and firewall disabled). 1 port goes to
> > a firewall device, and my LAN behind that. 1 port goes to my Email server,
> > a Win2k box (hey, quit lookin at me like that).
> >
> > I've got a handful of fixed IP's to work with. Here's what I'd like to do-
> >
> > Keep everything the same BUT- put an OpenBSD box in between the router and
> > the email server (protect the snivelling email server). So, I builts me
> > dis purty OpenBSD box from the broken bodies of mine enemies past (a Dell
> > Dim XPS V350 with a bad video card). Put 2 Nics in the beast. Lovely.
> >
> > Now, I have an IP from my block of 5 registered currently for my email
> > server.
> > I'm not certain if-
> > I want to assign that IP to the OpenBSD firewall, and use NAT and/or RDR
> > to pass on SMTP traffic on port 25 to the email server. Yes? No? Maybe? Am
> > I a shame on my species?
> >
> > --------------------------------------------------------------------------
> >    
> -
>  
>
> > --------------------------------------------------------------------------
> >    
> --
>  
>
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------
>
>  




---------------------------------------------------------------------------
----------------------------------------------------------------------------