RE: Making a W2K with Internet Connection Sharing secure

["Sarbjit Singh Gill" <ssgill () gilltechnologies com>]

I am afraid Linux has to be the last choice since Microsoft has been out
biggest "donator". We have had so much money, software and support (their
employees truly helping out with the kids). I cannot replace the W2K server
with Linux. I may get old PCs and put it in front of the W2K Server. So far
i do not hear a lot of PPPoE support for this type Linux. I am new to Linux
and i am not sure if i can do it.?

And besides enabling RRAS, i will go with pktfilter, which was recommended
by Dave Kleiman. RRAS is great but i do not need the RRAS feature. pktfilter
gives me just what i need, filtering.

Thanks for responses.
Gill


-----Original Message-----
From: Hankes, Christopher A [mailto:Christopher.A.Hankes () uwsp edu]
Sent: Tuesday, January 14, 2003 1:52 AM
To: Clinton McGuire; mike () moorecomputing net;
ssgill () gilltechnologies com; security-basics () securityfocus com
Subject: RE: Making a W2K with Internet Connection Sharing secure


coyote linux is good an free. It uses ipchains as it's firewall.I know you
can block Ips but i'm not sure about URLs. Coyote linux was their help at
this site www.dalantech.com. This site also has a lot of good info on
security in general.
Chris
-----Original Message-----
From:   Clinton McGuire [mailto:cmcguire () candlewest com]
Sent:   Sat 1/11/2003 3:59 PM
To:     mike () moorecomputing net; ssgill () gilltechnologies com;
security-basics () securityfocus com
Cc:
Subject:        RE: Making a W2K with Internet Connection Sharing secure
If you are going to use a low end comp to run a linux firewall check-out
http://www.coyotelinux.com/
Linux on a floppy and its build for firewalls and other network appliances,
also has great support, but I don't know if it has URL filtering...

Clint

-----Original Message-----
From: Mike Moore [mailto:mike () moorecomputing net]
Sent: January 9, 2003 7:04 PM
To: ssgill () gilltechnologies com; security-basics () securityfocus com
Subject: RE: Making a W2K with Internet Connection Sharing secure


If you can come up with a very low end pc take a look at www.ipcop.org .
It's a free Linux firewall that is very good in my opinion. They have a
great mailing list for support. Then go here
http://www.ipcop.org/cgi-bin/twiki/view/IPCop/IPCopDGHowto for Dan's
Guardian a URL filtering application that works with IPCop. Then the W2K
server and all workstations are protected. Just a thought.

Mike

> -----Original Message-----
> From: Sarbjit Singh Gill [mailto:ssgill () starhub net sg]
> Sent: Tuesday, January 07, 2003 10:06 PM
> To: security-basics () securityfocus com
> Subject: Making a W2K with Internet Connection Sharing secure
>
>
> Greetings,
>
> I am a part of a group of volunnteers who help with
> teaching underprivileged kids in orphanages.
>
> we had some donation of softwares from Microsoft and
> hardware from HP and DSL connectivity from a local
> telco.
>
> The setup looks something like this :
> DSL modem connected to a multi homed Windows 2000
> Server. The W2K box is then sharing the ADSL
> connection via Internet Connection Sharing to the LAN
> made up of 10-25 PC running W98,WME and W2K Pro.
>
> I need somekind of proxy/NAT/firewalling  and URL
> filtering capabilities on the W2K. They have to be
> free. We are sourcing for some netscreen stuff but do
> not know when it will come in.
>
> I can't use IP filtering in W2k as it affects all
> adapters. The LAN PCs use the server as a DC for
> policies and authentication.
>
> Right now the W2K server is connected to the internet
> with no security whatsoever.
>
> Thanks in advance.
>
> Gill
>
>
> Sarbjit Singh Gill
> ssgill () gilltechnologies com
>
> Powered by Gee! - Wireless Access Anywhere

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.438 / Virus Database: 246 - Release Date: 1/7/2003