First day networking, bug, lesson learned, Firewall needed

[webscripter]

Hi everyone,

I am learning about networking, and haven't installed a firewall yet. Only my first day with a network and someone loaded a bug into windows.

So here I go on the formatting and reloading programs. Fun,Fun!

Does someone know of a good firewall for both systems? And if I have internet connection sharing on the client computer do I have to put the firewall software on the client computer and the host?

What I would like to do is have one of my computers with mandrake linux and the other with a window system. Can these two systems communicate?

Thanks
Tricia
yorkeylady@earthlink.net

 

[Morsing]

Hi Tricia,
a firewall won't protect you against bugs because it's coming in via an email.

Windows and Linux communicates very well. I'm not sure what you mean by "sharing internet connection" but the firewall software only goes on the Linux server. You then need to close any direct internet access to the client directly.

Do a search on iptables to find out about the firewall and search for squid or ip masquerading for client access to the internet through the server.

P.S. How's your modem doing??

Cheers Henrik Morsing
IBM Certified AIX 4.3 Systems Administration

 

[webscripter]

I haven't had a chance to tackle the modem problem in linux. I've spent yesterday downloading books, reading about linux and modem connections. Everything I downloaded is gone, because of a bug called funlove. Not much fun!

I'm having a problem with linux. I decided to check out kdt desktop because it had a similiarity to windows. But when I tried to run hardrake to detect my hardware the computer froze.

I decided to go back to reading and setting up the network first for windows.

I would like to make linux the main OS with win98 on the same partitioned hardisk. And win95 on my second machine. I have a USB cable that allows internet connection and file sharing.

But now I have to go learn about firewalls, such an intensive process! Thanks
Tricia
yorkeylady@earthlink.net

 

[Geyybecca]

are you planning on running firewall on the Linux box or the windows box ? what type of internet connection do you have ? Linux is quiet good at acting as a firewall, if your going to have the firewall on the Windows box then I would go for winroute Pro. MCSE,MCSA,MCP+i,MCP

 

[webscripter]

Thanks,

The setup Scenario is
2 computers,
1. 20g with linux on logical drive and win98 as primary
2. win95 on dinosaur computer with cable connection to 1.

I just discovered that the firewall I'm testing now doesn't gaurantee support for internet connection sharing. (Agnitum Outpost Pro). I've spent all day wondering why it was timing out on the cable connection. Is there an option to allow more time to connect? I forgot to read the fine print.

Win route provides support for internet sharing and sounds great, but I don't have 150.00 to invest for a 5 user license.

So I guess the internet connection sharing has to go for windows.

Is there any other choices?

Thanks
Tricia
yorkeylady@earthlink.net

 

[stubbint]

Try smoothwall for your Linux server.

http://www.smoothwall.org

Its easy to install and configure.

 

[Norwich]

Hi,

Just some issues to consider...

Firewalls,

Simplifying, there are two types. Dedicated and 'personal' -installed on a client machine. With the former, you have a box (PC or device) that connects to the internet and shared the connection to a local network (or evern just one other machine). The other is an application you install on the PC that firewalls it's own individual connection (modem etc).

The former is the style used in corporate setups, can cost a fortune for top of the range but are very good. Linux is good for this sort of thing - setting up the connection sharing, filtering etc. However, it may be a bit of a task for a newbie - especially as you will want to keep all of the running services and daemons to a minimum so no graphics/X-windows etc. Look into free firewall based distros that are pre-setup and easy to configure such as Smoothwall (Astaro is worth checking out - VERY GOOD - free if non-corporate use - but can be quite complex as it's competing with the corporate big-boys). Also in this group are the out of the box broadband/cable routers that have built in firewalls.

The second group of personal firewalls is targeted at the individual home PCs. For windows boxes, check out zonealarm and tiny firewall - both are free. You can also configure individual linux workstations. As these workstation linux boxes are most probably running X windows and all the goodies, there are GUI configuration tools for this in Mandrake, SuSE etc.

The benefit of the dedicated box is that it not running any other application that may compromise it's function and is also less likely to have such a program installed (virus - trojan etc) as there's no-one running it as a desktop day to day that could accidentally install something.

The benefit of some personal firewalls is that they can monitor inappropriate outbound connections from that machine (rather than other machines using it as a gateway) which means that they can monitor for trojans and worms trying to connect out.

Personally, for a home setup, I would use a dedicated firewall gateway (either an old PC running Smoothwall/Astaro or a cable router) but also install zonealarm on the local windows PC to keep an eye out for trojans calling out.

And don't forget anti-virus software on the windows boxes too so as to avoid trojan infections in the first place - a good free one is grisoft.

 

[webscripter]

There is a little discontent with my teenager who doesn't like firewalls. Her favorite program is imesh, which is a program for sharing files with anyone over the internet.

The firewall causes a problem because the user has to be there to accept the incoming file. She turns it on an likes to let it run all night while she sleeps.

So I gave her the old pc and told her if she gets a virus she has to deal with it.

So I have a linux box with protection, and I want to set up file sharing with her windows program, but it doesn't have protection at all. I will just scan the sharing directory as needed. Is this a good idea? Or can a virus jump boxes. Thanks
Tricia
yorkeylady@earthlink.net

 

[Norwich]

Hi,

If the Windows box is compromised and infected with a control trojan like "back orifice" then it can be used as a jumping off point for other machines in the same network. So if their Windows PC is 'outside' the firewall protecting the linux box then you're OK - provided the firewall treats the Windows box just like any other external address. If both are behind the same firewall - but with the firewall configured to allow access to the Windows PC then you could be in trouble.

 

[w1nn3r]

Pardon me if i am understanding this incorrectly, but you have 1 machine that is your networks gateway/router and you have your daughters PC that is running win9* that wants to be able to share files with a P2P filesharing app(iMesh) and you are having problems firewalling your LAN safely with this setup. My suggestion is that with the linux machine setup with IPTABLES/IPCHAINS you can firewall everything but the port(s) that iMesh uses to share files with and her PC will be blind to the INET as a whole except for the forwarded ports which iMesh needs to share files.