
Firewalls For Server 2003.


ZeR0BuG

How does your ISP keep you from using a Linux box as your firewall? I've never heard of that before, kinda scary. Who is your ISP?

I'm not sure about a firewall that will run on Server 2003 but I can tell you that I use Norton Corporate AV and run the management console on a 2003 server. I am still getting used to it but so far it has been pretty good.


I would really consider putting another device in front of your machine. Pick up a cheap sonicwall off ebay or something. Also, how exactly does the ISP know that you are running Linux as a gateway? Have you tried, or did they just tell you that? It seems like they would have to be running constant fingerprinting to check your OS in order to determine what system you are using as a gateway... that seems like a waste of effort on their end...


How does your ISP keep you from using a Linux box as your firewall? I've never heard of that before, kinda scary. Who is your ISP?

I'm not sure about a firewall that will run on Server 2003 but I can tell you that I use Norton Corporate AV and run the management console on a 2003 server. I am still getting used to it but so far it has been pretty good.

I'm not sure... I can't even use a router... because the modem won't assign anything else an IP address... even with 3 different modems... and they won't help me.


(sucks I know, ISP no work with linux).(10 Machines)

That is complete bullshit, there is no way your ISP could tell if a packet went through a windows or a linux gateway.

Sry for two different posts.. I never said that they were blocking Linux.. I just said my ISP doesn't work with linux as in they DON'T SUPPORT IT as in if I have a problem they don't help me. And I have a problem because I can't get on the internet with linux...

Oh Harrison.. I have tried... and they have told me that.... they say they support home networking.. but they don't offer support for it...


That is complete bullshit, there is no way your ISP could tell if a packet went through a windows or a linux gateway.

Actually, there are plenty of ways. TCP/IP Stack fingerprinting is one. But like I mentioned before, it would be a complete waste for an ISP to perform this.

Check this link for more information on detecting OS'.


*quickly skims that thing harrison linked to*

I always thought that a packet from one OS would be the same as another packet from another OS (i.e. comply strictly with the OSI model and the TCP/IP protocol in the case of that). How easy (or hard) would it be to find out what OS a computer is running if it is running a stealthing firewall with no listening services but you can hear all its outbound traffic (assuming the web browser doesn't say it's running on Linux for example), Harrison?
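An added illustration of the passive TCP/IP stack fingerprinting discussed in the posts above (not part of the original thread): it reads the TTL and the order of TCP options from a captured SYN and matches them against a two-entry signature table. The table, the function names and the sample packets are constructed for this example; real passive fingerprinting tools use far larger signature sets.

```python
import struct

# Simplified, illustrative signatures: (initial TTL, SYN option layout) -> stack.
SIGNATURES = {
    (64, "mss,sok,ts,nop,ws"): "Linux",
    (128, "mss,nop,nop,sok"): "Windows (XP era)",
}
OPT_NAMES = {0: "eol", 1: "nop", 2: "mss", 3: "ws", 4: "sok", 8: "ts"}

def initial_ttl(observed):
    """Round an observed TTL up to the nearest common initial value."""
    return next(t for t in (32, 64, 128, 255) if observed <= t)

def option_layout(opts):
    """Return the order of TCP option kinds, e.g. 'mss,nop,nop,sok'."""
    names, i = [], 0
    while i < len(opts):
        kind = opts[i]
        names.append(OPT_NAMES.get(kind, f"?{kind}"))
        if kind == 0:                      # end of option list
            break
        if kind == 1:                      # NOP is a single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            break                          # malformed length, stop parsing
        i += opts[i + 1]
    return ",".join(names)

def fingerprint_syn(packet):
    """Classify a raw IPv4 packet carrying a TCP SYN; checksums are ignored."""
    if len(packet) < 40 or packet[0] >> 4 != 4 or packet[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    tcp = packet[(packet[0] & 0x0F) * 4:]
    if len(tcp) < 20 or tcp[13] & 0x12 != 0x02:
        raise ValueError("not a bare SYN")
    layout = option_layout(tcp[20:(tcp[12] >> 4) * 4])
    ittl = initial_ttl(packet[8])
    return {"os": SIGNATURES.get((ittl, layout), "unknown"),
            "hops": ittl - packet[8], "options": layout}

def sample_syn(ttl, opts):
    """Build a constructed SYN (private/documentation addresses, zero checksums)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(opts), 1, 0x4000,
                     ttl, 6, 0, bytes([10, 0, 0, 2]), bytes([192, 0, 2, 1]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0,
                      ((20 + len(opts)) // 4) << 4, 0x02, 8192, 0, 0)
    return ip + tcp + opts

# Constructed samples, each as seen one router hop away from the sender.
LINUX_SYN = sample_syn(63, bytes.fromhex("020405b40402080a000000010000000001030307"))
WINXP_SYN = sample_syn(127, bytes.fromhex("020405b401010402"))
```

Both samples carry a TTL one below the initial value, which is what a single forwarding hop leaves behind. A device that only routes the packet decrements the TTL and normally passes the TCP options through unchanged, so the signature seen upstream is that of the originating host.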


SonicWall is good because you can get them pretty cheap on ebay. I am using a SonicWall TZ 170 at my house, and it's pretty good. Doesn't have the CLI like Cisco, it's still a web based interface, but it makes it easy to configure. I would say they are pretty good. I think it's certainly better than running win2k3 server as a gateway, particularly if you plan on running other services on that win machine as well.


Well, I am not going to recommend you buying one without calling your ISP first, since it seems like you have been having some trouble with them. I have made recommendations before and gotten bitched out when they didn't work out, haha. But SonicWall's website has some great whitepapers on doing various setups and configurations for your router. They also have good wizards.


is Sonicwall a good hardware firewall solution? *Looking it up right now*

In my experience, yes. I have two offices and they are both running Sonicwall TZ170s. So far it has been a great experience. They have been much easier to administer than the Cisco Pix that we were using before. Being a new admin, I like easy. Hell being a lazy person, I love easy.

Is your ISP Charter by chance?


Yes sir it is... They SUCK!

How could you tell?

I worked in broadband support division at Charter. We did your tech support in Spring while I was there and the infrastructure was shit. We got nothing but pushback from local engineers anytime we tried to get an issue resolved. It was not unusual for the entire network to go down for days at a time. They were basically of the opinion that they were the only game in town and if you didn't like it you could go fuck yourself.

They have since outsourced all support to someplace in Kentucky the last I heard and I am sure that local still could care less. I can tell you that they don't block Linux but don't try to ask them for help because you will get shut down (as in hell no we don't support that). In theory a Sonicwall should work just fine on that network but don't hold me to that.

IMHO, if there is another broadband option in Spring now, go for it.


Oh, I know they don't block Linux.... because I've used Linux firewalls before.. and then after Hurricane Rita.. stopped working.... and the internet going down for days.. they came out and replaced my damn cable modem and I didn't have internet for 2 damned weeks.

EDIT: I've been looking for new ISPs but I refuse to go to DSL... I am gonna call Center Point Energy about BPL....

EDIT 2.0: I can't even get a freaking Linksys router to work with my cable modem... lol


What about using a cheap machine and throwing IPCOP or m0n0wall on it? There are TONS of customizations and support for these distros and they come pretty well stacked with options.

I would throw this in front of your Windows 2003 box or if you want to set up the win box as your local 'router' you can -- behind the above-mentioned boxes.

If you're looking for a pure router you can use Vyatta or XORP, both options that compare against using a Cisco or Juniper box.
